URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Submission: On January 17 via manual from US — Scanned from DE

Summary

This website contacted 95 IPs in 13 countries across 54 domains to perform 471 HTTP transactions. The main IP is 158.101.178.245, located in Frankfurt am Main, Germany and belongs to ORACLE-BMC-31898, US. The main domain is thesun.my. The Cisco Umbrella rank of the primary domain is 612705.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.
This is the only time thesun.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 158.101.178.245 31898 (ORACLE-BM...)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
5 52.219.40.37 16509 (AMAZON-02)
1 52.219.40.242 16509 (AMAZON-02)
20 23.212.201.53 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.21 16509 (AMAZON-02)
54 151.101.65.44 54113 (FASTLY)
4 47.254.199.63 45102 (ALIBABA-C...)
4 2001:4860:480... 15169 (GOOGLE)
7 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 7 2a02:2638:3::c 44788 (ASN-CRITE...)
1 65.9.66.97 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
16 2a02:2638:3::3 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.75.58.229 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 141.95.98.65 16276 (OVH)
2 34.98.64.218 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
4 8.218.26.252 45102 (ALIBABA-C...)
4 47.250.11.143 45102 (ALIBABA-C...)
7 23.35.236.201 16625 (AKAMAI-AS)
2 12 47.243.203.231 45102 (ALIBABA-C...)
6 35.157.107.95 16509 (AMAZON-02)
1 193.47.76.44 35167 (PROTEC)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
2 185.64.190.78 62713 (AS-PUBMATIC)
3 2a00:1450:400... 15169 (GOOGLE)
2 178.250.1.6 44788 (ASN-CRITE...)
16 141.226.228.48 200478 (TABOOLA-AS)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
36 2a02:2638:3::10 44788 (ASN-CRITE...)
4 2a02:2638:3::1a 44788 (ASN-CRITE...)
4 151.101.1.44 54113 (FASTLY)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 15.197.193.217 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
2 151.101.129.55 54113 (FASTLY)
1 13.32.27.75 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2400:52e0:150... 200325 (BUNNYCDN)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
2 193.108.153.18 20940 (AKAMAI-ASN1)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 88.221.125.39 16625 (AKAMAI-AS)
1 2600:9000:218... 16509 (AMAZON-02)
3 108.138.1.25 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 46.228.174.115 56396 (AMOBEE)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 4 37.252.171.85 29990 (ASN-APPNEX)
3 54.171.230.28 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
25 81.17.55.160 60781 (LEASEWEB-...)
10 99.80.55.123 16509 (AMAZON-02)
10 2a02:6b8::90 13238 (YANDEX)
1 35.186.253.211 15169 (GOOGLE)
1 104.18.36.155 13335 (CLOUDFLAR...)
1 18.185.180.173 16509 (AMAZON-02)
1 99.86.4.128 16509 (AMAZON-02)
1 108.138.9.235 16509 (AMAZON-02)
1 2.16.97.41 16625 (AKAMAI-AS)
2 2.18.161.51 16625 (AKAMAI-AS)
1 65.9.66.92 16509 (AMAZON-02)
6 2600:9000:215... 16509 (AMAZON-02)
1 52.49.23.84 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
2 151.101.65.55 54113 (FASTLY)
1 35.157.101.217 ()
1 184.30.20.22 ()
1 151.101.193.108 ()
2 184.30.22.30 ()
1 13.248.245.213 ()
1 104.18.38.76 ()
1 69.173.144.138 ()
471 95
Apex Domain
Subdomains
Transfer
75 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1024
trc.taboola.com — Cisco Umbrella Rank: 646
trc-events.taboola.com — Cisco Umbrella Rank: 2085
vidstat.taboola.com — Cisco Umbrella Rank: 3158
am-trc-events.taboola.com — Cisco Umbrella Rank: 14648
images.taboola.com — Cisco Umbrella Rank: 1693
imprammp.taboola.com — Cisco Umbrella Rank: 15384
am-match.taboola.com — Cisco Umbrella Rank: 15903
wf.taboola.com — Cisco Umbrella Rank: 2974
am-vid-events.taboola.com — Cisco Umbrella Rank: 15154
vidstatb.taboola.com — Cisco Umbrella Rank: 4631
pips.taboola.com — Cisco Umbrella Rank: 1652
cds.taboola.com — Cisco Umbrella Rank: 1817
am-wf.taboola.com
1 MB
56 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386
csm.eu.criteo.net — Cisco Umbrella Rank: 8850
609 KB
43 thesun.my
thesun.my — Cisco Umbrella Rank: 612705
2 MB
25 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 9507
8 KB
24 innity.com
as.innity.com — Cisco Umbrella Rank: 28871
optimize.innity.com — Cisco Umbrella Rank: 44882
optimize2.innity.com — Cisco Umbrella Rank: 44234
avd.innity.com — Cisco Umbrella Rank: 33189
13 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
462 KB
20 innity.net
cdn.innity.net — Cisco Umbrella Rank: 39110
ssl-avd.innity.net — Cisco Umbrella Rank: 52355
avd.innity.net — Cisco Umbrella Rank: 47496
media.innity.net — Cisco Umbrella Rank: 63744
61 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
312 KB
14 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
ads.eu.criteo.com — Cisco Umbrella Rank: 8778
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704
bidder.criteo.com — Cisco Umbrella Rank: 679
135 KB
13 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
121 KB
10 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 11423
2 KB
10 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 5103
4 KB
10 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4337
buttons-config.sharethis.com — Cisco Umbrella Rank: 4843
count-server.sharethis.com — Cisco Umbrella Rank: 10926
platform-cdn.sharethis.com — Cisco Umbrella Rank: 9588
l.sharethis.com
54 KB
10 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
198 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
610 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
sync.teads.tv — Cisco Umbrella Rank: 1376
t.teads.tv — Cisco Umbrella Rank: 3052
136 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
871 B
6 google.de
www.google.de — Cisco Umbrella Rank: 6518
767 B
6 amazonaws.com
s3.ap-southeast-1.amazonaws.com
s3-ap-southeast-1.amazonaws.com
355 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com
20 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
75 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
rtb.openx.net — Cisco Umbrella Rank: 625
adasia-d.openx.net
1 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
42 KB
5 thesundaily.my
www.thesundaily.my — Cisco Umbrella Rank: 635213
ssfpc.thesundaily.my
346 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com
token.rubiconproject.com
16 KB
4 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 863
313 B
4 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 24451
apis.adbro.me — Cisco Umbrella Rank: 29644
12 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
195 KB
3 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1535
2 KB
3 b-cdn.net
propsid.b-cdn.net — Cisco Umbrella Rank: 56051
8 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
445 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
195 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
30 KB
3 iterwebcms.com
cdn.iterwebcms.com — Cisco Umbrella Rank: 105527
33 KB
2 adasiaholdings.com
adnetwork.adasiaholdings.com — Cisco Umbrella Rank: 52873
450 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com
773 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
contextual.media.net
9 KB
2 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10545
72 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
216 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
93 KB
2 anymind360.com
anymind360.com — Cisco Umbrella Rank: 19087
197 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
7 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
3 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
12 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
1 indexww.com
js-sec.indexww.com
2 KB
1 ltmsphrcl.net
c.ltmsphrcl.net — Cisco Umbrella Rank: 5000
313 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
548 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
3 KB
1 protecmedia.com
mas.protecmedia.com — Cisco Umbrella Rank: 118698
153 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
471 54
Domain Requested by
43 thesun.my thesun.my
36 images.taboola.com thesun.my
36 imageproxy.eu.criteo.net ads.eu.criteo.com
25 prg-apac.smartadserver.com anymind360.com
16 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
anymind360.com
static.criteo.net
13 securepubads.g.doubleclick.net thesun.my
securepubads.g.doubleclick.net
as.innity.com
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
www.googletagservices.com
anymind360.com
propsid.b-cdn.net
12 avd.innity.com 2 redirects thesun.my
avd.innity.net
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
10 bs.yandex.ru anymind360.com
10 prebid.ad.smaato.net anymind360.com
10 am-trc-events.taboola.com thesun.my
cdn.taboola.com
10 tpc.googlesyndication.com b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
10 cdn.taboola.com thesun.my
cdn.taboola.com
10 cdn.innity.net thesun.my
cdn.innity.net
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
as.innity.com
8 pagead2.googlesyndication.com thesun.my
pagead2.googlesyndication.com
media.innity.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 www.googletagmanager.com thesun.my
www.googletagmanager.com
propsid.b-cdn.net
www.google-analytics.com
7 ads.pubmatic.com thesun.my
ads.pubmatic.com
anymind360.com
propsid.b-cdn.net
7 region1.analytics.google.com www.googletagmanager.com
6 platform-cdn.sharethis.com
6 x.bidswitch.net thesun.my
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
imprammp.taboola.com
am-match.taboola.com
6 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
anymind360.com
6 www.google.de thesun.my
6 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 s3.ap-southeast-1.amazonaws.com thesun.my
4 ib.adnxs.com 1 redirects anymind360.com
4 targeting.unrulymedia.com anymind360.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 ssl-avd.innity.net thesun.my
4 optimize2.innity.com thesun.my
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
4 optimize.innity.com thesun.my
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
4 b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 as.innity.com cdn.innity.net
4 www.thesundaily.my thesun.my
3 g2.gumgum.com anymind360.com
3 c.amazon-adsystem.com anymind360.com
c.amazon-adsystem.com
3 a.teads.tv thesun.my
a.teads.tv
anymind360.com
3 propsid.b-cdn.net thesun.my
propsid.b-cdn.net
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 media.innity.net as.innity.com
cdn.innity.net
3 www.googletagservices.com b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
3 avd.innity.net ssl-avd.innity.net
3 www.google.com thesun.my
tpc.googlesyndication.com
3 cdn.iterwebcms.com thesun.my
cdn.iterwebcms.com
2 eus.rubiconproject.com anymind360.com
eus.rubiconproject.com
2 adnetwork.adasiaholdings.com ced.sascdn.com
2 t.teads.tv
2 apis.adbro.me 1 redirects tag.adbro.me
2 tag.adbro.me thesun.my
2 ced.sascdn.com anymind360.com
thesun.my
2 www.facebook.com
2 connect.facebook.net thesun.my
connect.facebook.net
2 anymind360.com thesun.my
anymind360.com
2 am-vid-events.taboola.com thesun.my
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 fonts.gstatic.com thesun.my
2 fonts.googleapis.com cdn.taboola.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 trc.taboola.com cdn.taboola.com
2 image6.pubmatic.com ads.pubmatic.com
2 ads.eu.criteo.com b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
2 www.gstatic.com cdn.iterwebcms.com
2 id5-sync.com cdn.id5-sync.com
2 oajs.openx.net 1 redirects thesun.my
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
anymind360.com
2 sb.scorecardresearch.com thesun.my
1 am-wf.taboola.com vidstat.taboola.com
1 token.rubiconproject.com eus.rubiconproject.com
1 adasia-d.openx.net anymind360.com
1 js-sec.indexww.com anymind360.com
1 eb2.3lift.com anymind360.com
1 acdn.adnxs.com anymind360.com
1 contextual.media.net anymind360.com
1 l.sharethis.com platform-api.sharethis.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 c.ltmsphrcl.net tag.adbro.me
1 count-server.sharethis.com platform-api.sharethis.com
1 sync.teads.tv a.teads.tv
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 tlx.3lift.com anymind360.com
1 htlb.casalemedia.com anymind360.com
1 rtb.openx.net anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 fastlane.rubiconproject.com anymind360.com
1 prebid.media.net anymind360.com
1 bidder.criteo.com anymind360.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 ssfpc.thesundaily.my anymind360.com
1 platform-api.sharethis.com thesun.my
1 vidstatb.taboola.com thesun.my
1 imprammp.taboola.com vidstat.taboola.com
1 lh3.googleusercontent.com thesun.my
1 rtb.fr3.eu.criteo.com b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
1 rtb.nl3.eu.criteo.com b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
1 trc-events.taboola.com cdn.taboola.com
1 mas.protecmedia.com thesun.my
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com thesun.my
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 s3-ap-southeast-1.amazonaws.com thesun.my
471 112
Subject Issuer Validity Valid
www.thesundaily.my
R3
2023-11-07 -
2024-02-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-06-06 -
2024-06-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.s3-ap-southeast-1.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-09-25
a year crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1
2023-12-29 -
2025-01-03
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-05 -
2025-01-04
a year crt.sh
www.google.de
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
mas.protecmedia.com
R3
2023-12-19 -
2024-03-18
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-03 -
2024-02-28
3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-27 -
2024-03-21
3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-08 -
2024-03-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-01-10 -
2024-06-26
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
anymind360.com
R3
2023-12-24 -
2024-03-23
3 months crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-05-20 -
2024-06-17
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-26 -
2024-01-24
3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2023-11-05 -
2024-11-11
a year crt.sh
ssfpc.thesundaily.my
GTS CA 1D4
2023-11-25 -
2024-02-23
3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-14 -
2024-07-17
a year crt.sh
tag.adbro.me
Sectigo RSA Domain Validation Secure Server CA
2023-12-18 -
2024-12-18
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
adbro.me
GTS CA 1P5
2023-12-10 -
2024-03-09
3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-12-24 -
2024-03-23
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA
2023-08-25 -
2024-08-24
a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-09-24 -
2024-03-24
6 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.ltmsphrcl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-06
a year crt.sh
*.google.de
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
adnetwork.adasiaholdings.com
R3
2024-01-09 -
2024-04-08
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh

This page contains 34 frames:

Primary Page: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Frame ID: 4CFE7A04E2CF755A318E006C04567173
Requests: 316 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=thesun.my
Frame ID: 49255F1DCC95FC8A5E6C4ECC446927D9
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 826FCFB2658FC405E7B2E99234C6B249
Requests: 1 HTTP requests in this frame

Frame: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06E684E34D9DBB284D0BB1EF91322B60
Requests: 1 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: C5F5D453E396FFEDC6A5BB627355291E
Requests: 6 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Frame ID: DFFDEE999B618F63B646241AAEDCFD87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html
Frame ID: D512F40E065AC7199EFD86DE13449A42
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1705507742928
Frame ID: BC98F4C1AF077B2F358A46EB8E1A6D9C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.innity.net/admanager.js
Frame ID: 99A1ADCFED64363AFEF0AD5634D293EE
Requests: 6 HTTP requests in this frame

Frame: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DF51353F37A2B3D098DF89347C3F241
Requests: 14 HTTP requests in this frame

Frame: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A234F3FCC02B031DE9647F459CA39F9
Requests: 8 HTTP requests in this frame

Frame: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C560A8801D0FC1DA55A8EDB52B4E7B0
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: FD5BF1342F29D39539A429861640D582
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Frame ID: 6DB3BBDE3967DCE23B8B1F96D3F92B93
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Frame ID: 6D555917243C856BDDD163C1C15595C3
Requests: 42 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: E92D7E25017CD52050B0185D49E03EAD
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 553D3266A447697A746CF89CE6703F87
Requests: 2 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: E7244C3BFBDB6726F3C2B0687B90EA69
Requests: 6 HTTP requests in this frame

Frame: https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1705507744598
Frame ID: 826A9585153DC1E06C4D4E35EC3E3D8D
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&cmcv=&pix=undefined&cb=1705507744629&uv=3373&tms=1705507744629&abt=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e44a44c4-e029-49ab-a6fb-4ac51fd65c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 512008EA52C04488E6E464E2671F7B90
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C3D723B710E6CA89FC10070B956945BC
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 606CDB1770ED760D1ED940D4D52D7B09
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 37515687AC0CF519B1F3CA3D13307AE4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE11DA53ABE0CC8C8C9D677367C35973
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1FD3CA0A45688A646D84F30FAD588270
Requests: 2 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: EA8244AEAE9317BD2DC89E0B9F7EFA59
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 1D61B89BD456F64055277A796371B69F
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9AB708AF38CD043A97CE732EE7E05A22
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 37B1A15D3BA3EEED86E1D3F772971F9B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2F453B5CE82BC501688205981F5FE80F
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4EF5758DA4808BC424D8D9EF532CF405
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AD854C45F853BC3AF761997FD0970701
Requests: 1 HTTP requests in this frame

Frame: https://adasia-d.openx.net/w/1.0/pd
Frame ID: CE292C4D37452199A649CCEF97BA9066
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thesun.my&gdpr=1&gdpr_consent=
Frame ID: F4E7FD6EA18DBE9C69ABD33684C36DBD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Gnanaraja’s RM19m cheating case classified as NFA: DPPClickable ImageClickable ImageClickable ImageGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

471
Requests

99 %
HTTPS

41 %
IPv6

54
Domains

112
Subdomains

95
IPs

13
Countries

7515 kB
Transfer

17946 kB
Size

48
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&rid=esp&cc=1
Request Chain 71
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=thesun.my&sn=ChromeSyncframe&so=0&topUrl=thesun.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=lIp5DXxxTlJ5NjN6OGlubDhBWEFmZGxLOHMxd0tZR0RLQ2VyMHJ4VXJvcUV3enFGTjJBVE4xdllrTXlLclFPT1B6MEF3UWxiVERtRGVsT3hVejNrdSs0V3JZdHF5cFVBMmhuSDdPN0pkak9KQlh2ZnhweEZnQ29vSFByYVJwbkNjR2svSUVQbnJwM09xc29MMkUxem82aEp4VTdnanU3VDN4eTNpeXNhUythMlZWL01EaGxCNW94ZlBEMnY5TEMrckZyMFRBdlVqT1B2TmxSRHpnSksyNURVOFR1b0Y2WGs0VnZhN2FXRlBUdHNjcWNyTWp5RWNnT09vMDN4ZDVrRDNLZzBnWmV2elJITDA4VG00RytVT2VKajBCQT09fA&cppv=2
Request Chain 101
  • https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1705507742928 HTTP 302
  • https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
Request Chain 282
  • https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1705507744598 HTTP 302
  • https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
Request Chain 424
  • https://apis.adbro.me/api/v2/advertising/cookie_sync?uid=5b62732a-91b5-4dfd-b112-6dce1eb6058d&r=eazg6f HTTP 302
  • https://x.bidswitch.net/sync?ssp=adbro&user_id=5b62732a-91b5-4dfd-b112-6dce1eb6058d
Request Chain 468
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

471 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
thesun.my/home_news/
83 KB
16 KB
Document
General
Full URL
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
f2a1dc03557016dae46b9b57e5abffb9c674fbd2f6a983e89f2b0a5b876db883

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
15708
content-type
text/html
date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
vary
Accept-Encoding
2c6ac3d61cbdeb5f814241c786a872d0.css
thesun.my/base-portlet/webrsrc/theme/
71 KB
12 KB
Stylesheet
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
c24b5bb44b2f3b368af8dd409ecd821ca7c7eda49203d1cd39be2c026d920b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"84846a23"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
11712
expires
Sat, 28 Dec 2024 15:50:02 GMT
452b4f5ae1fb2ae11fbe1178f331b93c.js
thesun.my/base-portlet/webrsrc/
480 KB
143 KB
Script
General
Full URL
https://thesun.my/base-portlet/webrsrc/452b4f5ae1fb2ae11fbe1178f331b93c.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e7791dbb0dadfb45f9b1438c94ab8e0a8574eaae376cdff6d793ae097d0d7d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"76bc3816"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
146438
expires
Sat, 28 Dec 2024 15:49:51 GMT
mas-tracker-min.js
cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/
14 KB
5 KB
Script
General
Full URL
https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-tracker-min.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ac28f060464a9c2a7beea74360934edf0fc235d344a76a3037a790a4c822ae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-log
https://mas.protecmedia.com/mas-tracker-min.js
date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1694
x-node
mas1
last-modified
Sat, 06 Feb 2021 21:37:59 GMT
server
cloudflare
etag
W/"3883-5bab1c0225545-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glxzBoIykA0SLUIJUDAuwfGPN%2BFXOh2Pol5TEcZuFdcZHr9WLAUpHG0rAIO13%2F8GVSFCXVfB44aLL0UewY3ytgtY1Gwuky7Rt7220%2B72dhqmghEt%2FyIUomy91W9T4Rzfdh822EvsiF3BvYd%2FAsA5Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
846fdc39ee23c25e-VIE
mas-push-min.js
cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/
9 KB
4 KB
Script
General
Full URL
https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-push-min.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c830b9091377eee7ca4d99a12784e19e1edb55bc327eaa977f8811a50fec979b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-log
https://mas.protecmedia.com/mas-push-min.js
date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1694
x-node
mas1
last-modified
Mon, 10 Oct 2022 13:31:42 GMT
server
cloudflare
etag
W/"25eb-5eaae2e182a20-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BO2euG2LkZ79Q9bOjupa8pilUCJmJbZKn9v90EIandfx8k%2FK6cngVQ8sLyRldXj4xNBCaFL4nSatiFesDnTagcbil%2F2IiKAe%2FX7V4GMenpbkLyxeUyZyaEmJK0gopiagErgqsuQo%2BeUoDfjDBZwNcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
846fdc39ee25c25e-VIE
iter-util-cookie.js
thesun.my/html/js/iter-libraries/
1 KB
843 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-util-cookie.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
8b4b20f6dc2dc175957b8f2c82124fe8d9d7aa39f74b5f518a807a107df1c984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"d48e47a9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
624
expires
Sat, 28 Dec 2024 15:48:34 GMT
iter-konami.js
thesun.my/html/js/iter-libraries/
461 B
554 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-konami.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
684644849f4a1bd1cf92ecd86a521c183c1afbf95ce55b6a6cdbaa65a217005e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"64846ca5"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
335
expires
Sat, 28 Dec 2024 15:50:04 GMT
iter-util-url.js
thesun.my/html/js/iter-libraries/
2 KB
1011 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-util-url.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
ec415ac8686169413c9f0796e31dfdd983fc132dec728380c9584a60c0ebf717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"799f4598"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
792
expires
Sat, 28 Dec 2024 15:49:31 GMT
iter-util-http.js
thesun.my/html/js/iter-libraries/
601 B
566 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-util-http.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
eee6d6cc4d888c51bfdd240608d0de62e555ee4a610acd51abb18ab37f2fb48b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"562e09f4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
347
expires
Sat, 28 Dec 2024 15:49:07 GMT
iter-statistics.js
thesun.my/html/js/iter-libraries/
957 B
651 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-statistics.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
33dcbe05f569c958c84d28f3b2a2b4d8af48176b4973806b7ebcca422f64b58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"4365fb55"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
432
expires
Sat, 28 Dec 2024 15:47:50 GMT
iter-util-event.js
thesun.my/html/js/iter-libraries/
390 B
450 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-util-event.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
d60ecff8aee39b4ea3fd8d02ea0426d4099e4e593c964f054d2bc9a21d2a8116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"1419ae21"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
232
expires
Sat, 28 Dec 2024 15:47:57 GMT
iter-reading.js
thesun.my/html/js/iter-libraries/
1 KB
908 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-reading.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
8c53499e806502865188f4744c53ad5cbf60140fe197254ffb9fd6a2d4fc5fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"913695b9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
689
expires
Sat, 28 Dec 2024 15:48:42 GMT
iter-util-message.js
thesun.my/html/js/iter-libraries/
854 B
613 B
Script
General
Full URL
https://thesun.my/html/js/iter-libraries/iter-util-message.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
6f018dc4df655753e7b942b8bb3f6eb04a6b7d6e162f184529a97c8ddd209204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"d7a48bbd"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
accept-ranges
bytes
content-length
394
expires
Sat, 28 Dec 2024 15:49:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb3abc90628dc46498869365df7c81fa012d69f80058fe6e0a9f8fa89f41a5aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
server
cafe
etag
443 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:01 GMT
js
www.googletagmanager.com/gtag/
133 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-23981916-1
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
830cb3da1985ac08108018d9698b526e6f93ad075193bd1a142555cf70bcb308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51927
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 16:09:01 GMT
theSun-logo-NEW.png
s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/MastHead/
6 KB
6 KB
Image
General
Full URL
https://s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/MastHead/theSun-logo-NEW.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.40.37 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
56bb17daa81fb37aab5dc53cee8886f9d7676490058e430f249b138a4485a6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Fri, 17 Nov 2023 20:14:00 GMT
Server
AmazonS3
x-amz-request-id
PJANWJZ0QZQG6EXC
ETag
"6632f7279c46768e41538e5d276bb2ec"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5676
x-amz-id-2
o+x1HB4zI+nrQXn9CHD/RF/H4tpk+B+bNVD1X57zhnygMWnQUvgzAm8DWJGcgjEQ81tRtyGDDIg=
6a3c83769a5542d0e8d718945472e1fd.png
www.thesundaily.my/base-portlet/webrsrc/theme/
171 KB
172 KB
Image
General
Full URL
https://www.thesundaily.my/base-portlet/webrsrc/theme/6a3c83769a5542d0e8d718945472e1fd.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
a600ef03752b6b35f4e7b8aaecf122b8a29c2d5e5be5dda1466e64ca2bdae52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"5c953150"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
175568
expires
Fri, 03 Jan 2025 03:35:17 GMT
1356918d4f0b1a1dc442556ee21ba521.png
www.thesundaily.my/base-portlet/webrsrc/theme/
540 B
799 B
Image
General
Full URL
https://www.thesundaily.my/base-portlet/webrsrc/theme/1356918d4f0b1a1dc442556ee21ba521.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
480c1b1d6d8bd16724ea60900ff424216ca8ba42cfc1133bdcd4197e7254dc35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"b1a79459"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
540
expires
Fri, 03 Jan 2025 03:35:35 GMT
whatsapp-image-2019-04-03-at-12-00-50-284476-20190403120321_2698821_20221019161429.jpg
thesun.my/binrepository/
42 KB
43 KB
Image
General
Full URL
https://thesun.my/binrepository/whatsapp-image-2019-04-03-at-12-00-50-284476-20190403120321_2698821_20221019161429.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
1893cec2a38d07dabe9feea27795448865129c9ed4a79569b3f92610650aef57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"db56b6aa"
content-type
image/jpeg
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
43323
expires
Mon, 13 Jan 2025 11:23:58 GMT
ipaper.png
s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/ePaper+Images/
184 KB
184 KB
Image
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/ePaper+Images/ipaper.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.40.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62b1f88090a5c27653ef2592252bb360fd75b303b5c1aec81ffb3c053161d195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Tue, 16 Jan 2024 18:42:58 GMT
Server
AmazonS3
x-amz-request-id
PJAHMFBAW08NAYYB
ETag
"c0ad1941bec742459b2850a87835a875"
x-amz-server-side-encryption
AES256
x-amz-meta-origin-date-iso8601
2024-01-16T18:41:53.536Z
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
188083
x-amz-id-2
kWgBNSEqG1OUGKNxdmV6KFGsFCz0JyfkJqnOLxFR51Ti4QMRxqsZbpYUiUZtm23LpKJoxAMl9lE=
Education_Ad_2024.png
s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/ads/
33 KB
34 KB
Image
General
Full URL
https://s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/ads/Education_Ad_2024.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.40.37 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
36a8bc93c6d4a7cba80814f615030e5dd17c2583a07b2a9866df9ba43e830143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Thu, 04 Jan 2024 08:30:09 GMT
Server
AmazonS3
x-amz-request-id
PJAPSSGRJF7W6HEK
ETag
"f297347d3c789b7dceb01ddc1c43a037"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
34238
x-amz-id-2
YT0KcK80SWVsVu4PYGNy4aWYAF/821rp1K17aTeLXrzxzx07EK616k68QeaQH/7FsIqdBlwIH2Y=
yayasan.jpg
s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/
66 KB
66 KB
Image
General
Full URL
https://s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/yayasan.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.40.37 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
058062d4aed2b18b02c66fa39195cdb5024a2d404bb8a52fde083a59fd5f89ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Mon, 06 Nov 2023 18:34:54 GMT
Server
AmazonS3
x-amz-request-id
PJAK0ADK8N47DCMK
ETag
"9a083b664b759ca3b42fde7339d08f2c"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
67313
x-amz-id-2
xwa6bO1LZUy+3HS4xHpZuSZe8HZdEcnnDncHafD64NKFR7Pc6OLFXELuBQQXAd+pG/fskLQV/Ms=
Subcribe-Now-AD-New.jpg
s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/
59 KB
59 KB
Image
General
Full URL
https://s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/Subcribe-Now-AD-New.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.40.37 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
351730eb707be16c49853b8c1cd1f8784bd1266a780b4eaa3c2a852f4b6d2a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Thu, 09 Nov 2023 07:12:15 GMT
Server
AmazonS3
x-amz-request-id
PJAQWNK8P48G0GF6
ETag
"0c6e6ee96ae288b2d331707b8422d42f"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
60485
x-amz-id-2
ZKUPrEP7/mZqCdYNH08SZJuK/n57qiM24PjiWD/79106uMjuoLriTdTYmEZnVWKgUb1nzkjbux4=
admanager.js
cdn.innity.net/
12 KB
4 KB
Script
General
Full URL
https://cdn.innity.net/admanager.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 09:17:20 GMT
Server
Apache
ETag
"2e2f-6097852320800-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3929
Expires
Thu, 18 Jan 2024 16:09:01 GMT
648x432
thesun.my/placeholder/svg/viewbox/
63 B
267 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/648x432
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
eb682082174a781d6cf6e9471c42889e642bcac4791548d6ad89956facaa47d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"b0b756a6"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Sat, 28 Dec 2024 15:51:47 GMT
768x390
thesun.my/placeholder/svg/viewbox/
63 B
266 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/768x390
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
7492a07a34ea15ef1f53a62f24747b2b851e21da4c08b47e7b641cbc3149a02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"9ec9f720"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Thu, 16 Jan 2025 09:53:21 GMT
628x432
thesun.my/placeholder/svg/viewbox/
63 B
266 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/628x432
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e847fd556512e5b37f566ef6f5579fa6f2aea6383fa67a6377eb08d23dcca188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"a61033cf"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Sat, 11 Jan 2025 10:19:09 GMT
591x432
thesun.my/placeholder/svg/viewbox/
63 B
267 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/591x432
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
4457ffa97145d2b7fd35811a71cb5e04cfa0c1a09b01015985d252e42f352e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"f3e63289"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Thu, 16 Jan 2025 09:30:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6999968698827395
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb8d6dd71a47968d46badb8033c0ccccde6f4395761a44a7cb6e5930519c5d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51487
x-xss-protection
0
server
cafe
etag
14116195317653130696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:01 GMT
admanager-async.js
cdn.innity.net/
5 KB
2 KB
Script
General
Full URL
https://cdn.innity.net/admanager-async.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b70ef18da644509d958df364541738ac6b910f8fbe3c2d33a52ac29ec2be4f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 00:39:09 GMT
Server
Apache
ETag
"138d-60b2ba5894540-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1657
Expires
Thu, 18 Jan 2024 16:09:01 GMT
118b3bfb89c9a020ac39fd8b4c66afa6.js
thesun.my/base-portlet/webrsrc/
29 KB
8 KB
Script
General
Full URL
https://thesun.my/base-portlet/webrsrc/118b3bfb89c9a020ac39fd8b4c66afa6.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
1ecae7ee37f515d53d8f9442c2c730393b55cd07411adc3ff046ea59f44f717f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"2acb0750"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
7492
expires
Sat, 28 Dec 2024 15:47:42 GMT
be680d9447e50cf0335d07daaa542435.js
thesun.my/base-portlet/webrsrc/theme/
4 KB
2 KB
Script
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/be680d9447e50cf0335d07daaa542435.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
04ada7181cd14d118a5ff75a6e27fd9d140ded3aa8910ac0392a125486cfe957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"149f4131"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
1299
expires
Fri, 10 Jan 2025 13:50:14 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:25:09 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
50334
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
QaJl5-_snjGwM8WC6Eys9Ct2imy84anwE5YGL5B50Mx5RZvwn-2Q7Q==
gtm.js
www.googletagmanager.com/
185 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WWT74N
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb0d5ee963c4d984ef47af7cd3a2bd39294479bb3596cdeb28b4d2df5f953c76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68332
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jan 2024 16:09:01 GMT
loader.js
cdn.taboola.com/libtrc/thesundaily/
672 KB
57 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/thesundaily/loader.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0faef7215ac77c2d6a48dfa91a9c801267f9bd11dceed69733eadc6a15735c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KJz46vP6sgPBDdZiDWa31ISM4rZdUzj0
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:01 GMT
x-amz-request-id
NTP7451NKVAEGJ7G
age
2000
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
57576
x-amz-id-2
h891lfgnZFd1ThThGQDBsM15sskrnDdzK4G+KXMG/pe1xYBaeYEsxP7ypJmwwTPc6z348FkNeiE=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 11:08:58 GMT
server
AmazonS3
x-timer
S1705507742.782026,VS0,VE1
etag
"facb68ce85c5e884fcc5e5f42d4ed00e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
98
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
509ce75b370d3b7256e55a9e823a5b91.png
thesun.my/base-portlet/webrsrc/theme/
5 KB
5 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/509ce75b370d3b7256e55a9e823a5b91.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
d9e9dcce4aab9694f3289223a7e5489e166f265498c7109e5a4f021f953b31ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"851051bc"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
5069
expires
Sat, 28 Dec 2024 15:50:27 GMT
80a1c0f07aada9d439214125f64f5751.ttf
thesun.my/base-portlet/webrsrc/theme/
499 KB
276 KB
Font
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/80a1c0f07aada9d439214125f64f5751.ttf
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
8c9e788a177a5d3163318c3e2aa7cfc5671c363f7c58429d5c01db287f1c0e3d

Request headers

Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"304bffe5"
vary
Accept-Encoding
content-type
application/x-font-ttf;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
281515
expires
Sat, 28 Dec 2024 15:48:34 GMT
0bf140f7a033f72b96e6429c8ec9c427.png
thesun.my/base-portlet/webrsrc/theme/
7 KB
7 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/0bf140f7a033f72b96e6429c8ec9c427.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
1c1a6037f2f27ee6b37ff438c5cabf1a23cce7cce2aa5bf1e8a9de014a660bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"770fd8eb"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
7291
expires
Sat, 28 Dec 2024 15:50:27 GMT
797f0004f32aaadc1aac9e4ffa5b9c5c.png
thesun.my/base-portlet/webrsrc/theme/
2 KB
3 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/797f0004f32aaadc1aac9e4ffa5b9c5c.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
cefb1aaba3d3802e8abdfa1eb82bea0bdbd02ffe6ee6c6096ab1b705bf51dcc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"f87bf50c"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
2355
expires
Sat, 28 Dec 2024 15:47:51 GMT
67159e2e4fc35f7552236c242d6413e8.png
thesun.my/base-portlet/webrsrc/theme/
10 KB
10 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/67159e2e4fc35f7552236c242d6413e8.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
3b0d9f22f5fb1317e8b9a3a98b10e28dd253c81f807745d964a45b34fac6a600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"dffe213f"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
10182
expires
Sat, 28 Dec 2024 15:48:34 GMT
7401e50d22a4c36cbc7e4b0539f6b153.png
thesun.my/base-portlet/webrsrc/theme/
12 KB
12 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/7401e50d22a4c36cbc7e4b0539f6b153.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
19d7405b9856b0dd6b4aed0b4054ff8c855865c62be73e52bf519f894df29ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"e4c25bfe"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
12464
expires
Sat, 28 Dec 2024 15:47:51 GMT
6472772a8971440c359566495f12f350.png
thesun.my/base-portlet/webrsrc/theme/
2 KB
2 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/6472772a8971440c359566495f12f350.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
de1b0f9ba87e29d9261e3b7d08f591436b83ebca54cf3e58d33b8df004a4f713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"9846b345"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
1918
expires
Sat, 28 Dec 2024 15:50:27 GMT
7306cf82262cb912b107ec03f458a473.png
thesun.my/base-portlet/webrsrc/theme/
9 KB
9 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/7306cf82262cb912b107ec03f458a473.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
3d55fabeaf35b51f02912561c2bed1dd5abc574536f5bf4d3e4b72950e5ac14e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"cd50db29"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
9051
expires
Sat, 28 Dec 2024 15:50:27 GMT
5d54942b1f61e0b83545fbac4d992dab.png
thesun.my/base-portlet/webrsrc/theme/
5 KB
5 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/5d54942b1f61e0b83545fbac4d992dab.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
47008fbad7ca668c75006404b38653e743a3d711b493b22a3997411d86d48622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
server
nginx/1.14.0
etag
"528f203b"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
5294
expires
Sat, 28 Dec 2024 15:50:27 GMT
5a708aa5993ec7d80e3124e2855a4021.ttf
thesun.my/base-portlet/webrsrc/theme/
846 KB
472 KB
Font
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/5a708aa5993ec7d80e3124e2855a4021.ttf
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
4d3fd7b54daa426fbfea320bbaaa7c63920a099a55009e9ee951ecc567ff7b9c

Request headers

Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"94140650"
vary
Accept-Encoding
content-type
application/x-font-ttf;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
482854
expires
Sat, 28 Dec 2024 15:50:02 GMT
/
as.innity.com/synd/
1 KB
1 KB
Script
General
Full URL
https://as.innity.com/synd/?cb=1705507741775&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65042&output=js&flash=0&url=thesun.my&width=300&height=250&vpw=1600&vph=1200&auction=68d5f0a-b44377f&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
c076552073e3280941ecbe50f83104765b9b30970316a206585fe9f7446fbb6f

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 16:09:02 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
645
Expires
Sat, 03 Sep 1983 02:00:00 GMT
js
www.googletagmanager.com/gtag/
219 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KL5X26DVW5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23981916-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5eac7b8dff91f6617a89f76b08184277c22ec9b8939912b9f03f0002ccd46a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81607
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 16:09:01 GMT
js
www.googletagmanager.com/gtag/
276 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SY4JJ4KEW8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23981916-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf36d17237615ce95ed79ee386d22d47d96782c3d77b9ca35beda3878e516c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 16:09:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23981916-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 15:26:34 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2547
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jan 2024 17:26:34 GMT
impl.20240116-10-RELEASE.js
cdn.taboola.com/libtrc/
835 KB
173 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
72afec3698db07b794eebd045a464c969c7e4a0fbbd7cacc64ea63a41c2554f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
ahsTRc8v7lZn4KaIkAvcEZ3Y7tqK1kIf
content-encoding
br
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:01 GMT
x-amz-request-id
81T0MVTP66YYNE8F
age
20047
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176756
x-amz-id-2
V0h9yQK69NT8vsKksVVL/FAYtycwZJ9i3j94g1XLKHV2e1AXmntywTIToMbHuqBB0OJd0dKzahQ=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 10:34:55 GMT
server
AmazonS3-br
x-timer
S1705507742.825768,VS0,VE0
etag
"c6f23726d4c9c98b8637964ab9544d5c"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
65661
b
sb.scorecardresearch.com/
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=18518498&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1705507741824&ns_c=UTF-8&c7=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&c8=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&c9=
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
y5yKOzCOk3X9r0QoRp0dWQI3hu2uqjvGXSfzincOS4rwhgUz3N7DUw==
x-cache
Miss from cloudfront
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/
438 KB
138 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
4572
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140824
x-xss-protection
0
server
cafe
etag
1760809391848743662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 16 Jan 2025 14:52:49 GMT
collect
www.google-analytics.com/j/
2 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1271963802&t=pageview&_s=1&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ul=en-us&de=UTF-8&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACgAI~&jid=918379594&gjid=864621213&cid=1369426925.1705507742&tid=UA-23981916-1&_gid=1461412138.1705507742&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1810665400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
250 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SY4JJ4KEW8&gtm=45je41a0v888596538&_p=1705507741698&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1369426925.1705507742&ecid=1449357186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_eu=AAAI&_s=1&sid=1705507741&sct=1&seg=0&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&en=page_view&_fv=2&_ss=1&_c=1&tfd=1046
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SY4JJ4KEW8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SY4JJ4KEW8&cid=1369426925.1705507742&gtm=45je41a0v888596538&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SY4JJ4KEW8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SY4JJ4KEW8&cid=1369426925.1705507742&gtm=45je41a0v888596538&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2137108794
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KL5X26DVW5&gtm=45je41a0&_p=1705507741698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1369426925.1705507742&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705507741&sct=1&seg=0&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&en=page_view&_fv=2&_ss=1&tfd=1062
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KL5X26DVW5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
345 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23981916-1&cid=1369426925.1705507742&jid=918379594&gjid=864621213&_gid=1461412138.1705507742&_u=YEBAAUAAAAAAACgAI~&z=284640811
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Jan 2024 16:09:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
266009
expires
60
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 05:37:13 GMT
content-encoding
gzip
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
37910
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Le5aTjaCsf4GL4hASnetnJT-KoscrMIU9hvEt_oPIh38TjZpyJEjxw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20956
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v57Cm%2FBdzRJxtI7U0uC0xIrUcoNgFDRGpNjAnJBK42Xb0qy6HMuMD3A4Alo%2F3lpogKJTIWlI1yqVYz3%2F2NBZp70f86Uw%2FZ07NmiEwX5eBjmLsuqlWQaSQyS2JGsDKtpUcx%2Fna6Ctx37sW62MBjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
846fdc3c082d3723-FRA
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 17 Jan 2024 09:17:41 GMT
Via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
24682
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
69mJ9mKzgezo7VkvMPf6nkGYfRvgDZA1JAzKdXXv6Y9osXP2DnHgxQ==
esp.js
cdn.id5-sync.com/api/1.0/
114 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
N304YW6RQAY41PHP
age
2198
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
846fdc3bf83739d9-FRA
x-amz-id-2
Q6i9vGkP7V7oafzrmdawHfnkiHEuno16fPl59IXsr634XdVpxKNpAXys/m81MErZtH15YVlFMsA=
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 18:20:42 GMT
content-encoding
gzip
age
1028900
x-guploader-uploadid
ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 04 Jan 2025 18:20:42 GMT
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
590617
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
846fdc3c0cdb65a9-FRA
expires
Sat, 20 Jan 2024 16:09:02 GMT
publishertag.ids.js
static.criteo.net/js/ld/
41 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 10 Jan 2024 15:13:35 GMT
server
nginx
etag
W/"659eb41f-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 16:09:02 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23981916-1&cid=1369426925.1705507742&jid=918379594&_u=YEBAAUAAAAAAACgAI~&z=589304832
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23981916-1&cid=1369426925.1705507742&jid=918379594&_u=YEBAAUAAAAAAACgAI~&z=589304832
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/
60 B
330 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.58.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0c01cf3f9e7cb6c3b93b590ad2e77146f4dcae1434d72ed0ae9740c1c1262d46

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://thesun.my
cache-control
no-cache
x-server
10.45.24.23
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&rid=esp&cc=1
85 B
193 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&rid=esp&cc=1
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
006a1f60603edcfbe8bf89915ffa4b14d0fbe12b5b58a0901fdb6f51ded5fc85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-woVeA3w7YXWc1hs9OMTnuNnNOHQ"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesun.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 17 Jan 2024 16:09:02 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://thesun.my
location
/esp?url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 4925
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=thesun.my
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:01 GMT
server
Kestrel
server-processing-duration-in-ticks
323477
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
increment
id5-sync.com/api/esp/
0
225 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesun.my
date
Wed, 17 Jan 2024 16:09:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sid
mug.criteo.com/ Frame 4925
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=thesun.my&sn=ChromeSyncframe&so=0&topUrl=thesun.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=lIp5DXxxTlJ5NjN6OGlubDhBWEFmZGxLOHMxd0tZR0RLQ2VyMHJ4VXJvcUV3enFGTjJBVE4xdllrTXlLclFPT1B6MEF3UWxiVERtRGVsT3hVejNrdSs0V3JZdHF5cFVBMmhuSDdPN0pkak9KQlh2ZnhweEZnQ29vSFByYV...
433 B
649 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=lIp5DXxxTlJ5NjN6OGlubDhBWEFmZGxLOHMxd0tZR0RLQ2VyMHJ4VXJvcUV3enFGTjJBVE4xdllrTXlLclFPT1B6MEF3UWxiVERtRGVsT3hVejNrdSs0V3JZdHF5cFVBMmhuSDdPN0pkak9KQlh2ZnhweEZnQ29vSFByYVJwbkNjR2svSUVQbnJwM09xc29MMkUxem82aEp4VTdnanU3VDN4eTNpeXNhUythMlZWL01EaGxCNW94ZlBEMnY5TEMrckZyMFRBdlVqT1B2TmxSRHpnSksyNURVOFR1b0Y2WGs0VnZhN2FXRlBUdHNjcWNyTWp5RWNnT09vMDN4ZDVrRDNLZzBnWmV2elJITDA4VG00RytVT2VKajBCQT09fA&cppv=2
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
130a89b5c917a8d2b7fe8f2550131d51a36848690604003e20a471ace373337a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1444873
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=lIp5DXxxTlJ5NjN6OGlubDhBWEFmZGxLOHMxd0tZR0RLQ2VyMHJ4VXJvcUV3enFGTjJBVE4xdllrTXlLclFPT1B6MEF3UWxiVERtRGVsT3hVejNrdSs0V3JZdHF5cFVBMmhuSDdPN0pkak9KQlh2ZnhweEZnQ29vSFByYVJwbkNjR2svSUVQbnJwM09xc29MMkUxem82aEp4VTdnanU3VDN4eTNpeXNhUythMlZWL01EaGxCNW94ZlBEMnY5TEMrckZyMFRBdlVqT1B2TmxSRHpnSksyNURVOFR1b0Y2WGs0VnZhN2FXRlBUdHNjcWNyTWp5RWNnT09vMDN4ZDVrRDNLZzBnWmV2elJITDA4VG00RytVT2VKajBCQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
331602
content-length
0
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 826F
199 B
298 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Wed, 17 Jan 2024 16:09:02 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
analytics.js
cdn.innity.net/
301 B
547 B
Script
General
Full URL
https://cdn.innity.net/analytics.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 08:05:30 GMT
Server
Apache
ETag
"12d-606df78894680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
175
Expires
Thu, 18 Jan 2024 16:09:02 GMT
ads
securepubads.g.doubleclick.net/gampad/
141 KB
23 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786640189912667&correlator=437917720478609&eid=31080256%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&iu_parts=56509919%2CBottomAd%2CThesundaily&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=728x90%2C1170x240%7C970x250%2C728x90%2C300x250%2C300x600%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705507742661&lmt=1705507742&adxs=-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&tos=~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1369426925.1705507742&ga_sid=1705507743&ga_hid=1271963802&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYg8K7wdExSABSAghkEhsKDDMzYWNyb3NzLmNvbRiDwrvB0TFIAFICCGQSGQoKcHViY2lkLm9yZxjIw7vB0TFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YhsK7wdExSABSAghkEhkKCnVpZGFwaS5jb20Yg8K7wdExSABSAghkEj4KBW9wZW54EixleUpwSWpvaVpsSmlPRlpDWWxWVWRpdG9kamxGYW00eGVuRlJVVDA5SW4wPRjXxbvB0TFIABIbCgxpZDUtc3luYy5jb20Y-8O7wdExSABSAghq&dlt=1705507741633&idt=300&prev_scp=%7Cpos%3DBillboard%7Cpos%3DLeaderboard%7Cpos%3DRectangle2%7Cpos%3DRectangle3&adks=868829535%2C3154283803%2C2651473827%2C2916017630%2C846607975&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38acc03107871fdca4db68bed1060c563f60faf56b3fa457d912af43cd70fc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23501
x-xss-protection
0
google-lineitem-id
5257448829,-2,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461794963,-2,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
558 B
311 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786640189912667&correlator=437917720478609&eid=31080256%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&iu_parts=182251254%2Cthesundaily.my_300x250_65042&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705507742669&lmt=1705507742&adxs=1078&adys=1183&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1369426925.1705507742&ga_sid=1705507743&ga_hid=1271963802&ga_fc=true&dlt=1705507741633&idt=300&adks=3851802172&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2abeca61dc6cb9b1e029ef52739f91c22a586b7cb0dde9a72290cfd47cd045b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 06E6
6 KB
3 KB
Document
General
Full URL
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:02 GMT
expires
Thu, 16 Jan 2025 16:09:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
01732af7a342a19bf95a7ce46bc74f43.ttf
thesun.my/base-portlet/webrsrc/theme/
789 KB
456 KB
Font
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/01732af7a342a19bf95a7ce46bc74f43.ttf
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
2ad84feb65f95dd25941c0e5cbffc09ff01b2475109123cbff2a25cabbbd391a

Request headers

Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"8677a3b7"
vary
Accept-Encoding
content-type
application/x-font-ttf;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
465744
expires
Sat, 28 Dec 2024 15:48:16 GMT
/
as.innity.com/synd/
3 KB
2 KB
Script
General
Full URL
https://as.innity.com/synd/?cb=1705507742684&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65046&output=js&flash=0&url=thesun.my&width=160&height=600&vpw=1600&vph=1200&auction=68d5f0a-b44377f&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
c1c5c7e983fbdafe64a32a6c98d1ab75895b3100504c9f73f46b5fba6187f681

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 16:09:02 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
1031
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
optimize.innity.com/
43 B
452 B
Image
General
Full URL
https://optimize.innity.com/?pubid=4428&zoneid=65042&cb=1705507742685
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:03 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
optimize2.innity.com/
43 B
347 B
Image
General
Full URL
https://optimize2.innity.com/?pubid=4428&zoneid=65042&cb=1705507742685
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.250.11.143 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/ PHP/8.2.5
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:03 GMT
last-modified
Wed, 17 Jan 2024 16:09:03 GMT
x-powered-by
PHP/8.2.5
content-type
image/gif
p3p
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sat, 03 Sep 1983 02:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1705507742684&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65046&output=js&flash=0&url=thesun.my&width=160&height=600&vpw=1600&vph=1200&auction=68d5f0a-b44377f&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaa38e4cddb8cbb0440e3c8bfadfb6b2bf35ee5836b8b85d23cd0b3a0f6122a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29740
x-xss-protection
0
server
cafe
etag
51 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:02 GMT
container_576b5a051c51b1c0244bca09.js
ssl-avd.innity.net/1/ Frame C5F5
11 KB
4 KB
Script
General
Full URL
https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.24.0 /
Resource Hash
fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 07:45:31 GMT
Server
nginx/1.24.0
ETag
"6528f59b-2aa5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2395891
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3678
Expires
Wed, 14 Feb 2024 09:40:33 GMT
container_549927e79bd1fa1a040041a9.js
ssl-avd.innity.net/1/ Frame DFFD
7 KB
3 KB
Script
General
Full URL
https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Aug 2020 05:09:27 GMT
Server
nginx/1.18.0
ETag
"5f45ee87-1dd4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2369771
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2863
Expires
Wed, 14 Feb 2024 02:25:13 GMT
analytics.js
cdn.innity.net/
301 B
547 B
Script
General
Full URL
https://cdn.innity.net/analytics.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 08:05:30 GMT
Server
Apache
ETag
"12d-606df78894680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
175
Expires
Thu, 18 Jan 2024 16:09:02 GMT
ads
securepubads.g.doubleclick.net/gampad/
326 B
176 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786640189912667&correlator=437917720478609&eid=31080256%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&iu_parts=182251254%2Cthesundaily.my_160x600_65046&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=7&sfv=1-0-40&sc=1&cookie=ID%3Dce3483d5f27a7d83%3AT%3D1705507742%3ART%3D1705507742%3AS%3DALNI_Mbc3maxD6MUg_H5QIC4EQwUIbF1XQ&gpic=UID%3D00000d43742b0ffe%3AT%3D1705507742%3ART%3D1705507742%3AS%3DALNI_MYvvAYODy0nlhA0vomKokhbv54nnw&abxe=1&dt=1705507742880&lmt=1705507742&adxs=1148&adys=2088&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&vis=1&psz=160x600&msz=160x600&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1369426925.1705507742&ga_sid=1705507743&ga_hid=1271963802&ga_fc=true&dlt=1705507741633&idt=300&adks=3577625354&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fbaa9ddf70a56787147f1f65d0a351c344a9fdf4f64aa45ad608d53b63174eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
admanager.js
cdn.innity.net/
12 KB
4 KB
Script
General
Full URL
https://cdn.innity.net/admanager.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 09:17:20 GMT
Server
Apache
ETag
"2e2f-6097852320800-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3929
Expires
Thu, 18 Jan 2024 16:09:02 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/
402 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6999968698827395&plah=thesun.my&bust=31080430
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6999968698827395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ed44be97f6447d195f104e84e8b0e41012c37b7910b0c98663f1434f5dec66b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139400
x-xss-protection
0
server
cafe
etag
8919499897665210152
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:02 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/ Frame D512
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6999968698827395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 16:33:44 GMT
etag
9219409622527106327
expires
Tue, 30 Jan 2024 16:33:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
optimize.innity.com/
43 B
452 B
Image
General
Full URL
https://optimize.innity.com/?pubid=4428&zoneid=65046&cb=1705507742916
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:03 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
optimize2.innity.com/
43 B
348 B
Image
General
Full URL
https://optimize2.innity.com/?pubid=4428&zoneid=65046&cb=1705507742916
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.250.11.143 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/ PHP/8.2.5
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:03 GMT
last-modified
Wed, 17 Jan 2024 16:09:03 GMT
x-powered-by
PHP/8.2.5
content-type
image/gif
p3p
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sat, 03 Sep 1983 02:00:00 GMT
648x432
thesun.my/placeholder/svg/viewbox/
63 B
267 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/648x432
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
eb682082174a781d6cf6e9471c42889e642bcac4791548d6ad89956facaa47d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"b0b756a6"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Sat, 28 Dec 2024 15:51:47 GMT
768x390
thesun.my/placeholder/svg/viewbox/
63 B
266 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/768x390
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
7492a07a34ea15ef1f53a62f24747b2b851e21da4c08b47e7b641cbc3149a02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"9ec9f720"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Thu, 16 Jan 2025 09:53:21 GMT
628x432
thesun.my/placeholder/svg/viewbox/
63 B
266 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/628x432
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e847fd556512e5b37f566ef6f5579fa6f2aea6383fa67a6377eb08d23dcca188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"a61033cf"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Sat, 11 Jan 2025 10:19:09 GMT
591x432
thesun.my/placeholder/svg/viewbox/
63 B
267 B
Image
General
Full URL
https://thesun.my/placeholder/svg/viewbox/591x432
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
4457ffa97145d2b7fd35811a71cb5e04cfa0c1a09b01015985d252e42f352e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
server
nginx/1.14.0
etag
"f3e63289"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
cache-control
max-age=31536000
content-length
82
expires
Thu, 16 Jan 2025 09:30:58 GMT
dc.js
avd.innity.net/lib/ Frame C5F5
20 KB
7 KB
Script
General
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.2
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1338524
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Fri, 02 Feb 2024 03:57:46 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ Frame C5F5
7 KB
3 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:12:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117846
accept-ranges
bytes
content-length
2416
expires
Fri, 19 Jan 2024 00:53:08 GMT
980939d5a9b8656a8c601ec879506e42.png
thesun.my/base-portlet/webrsrc/theme/
17 KB
18 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/980939d5a9b8656a8c601ec879506e42.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
8116a189a195c3a28dc5c7268f3c147f938f7abb26100eae3f93e7def362775e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
server
nginx/1.14.0
etag
"3a173ccf"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
17663
expires
Sat, 28 Dec 2024 15:48:56 GMT
503e96730ee60c8bd591710d899bb9b1.png
thesun.my/base-portlet/webrsrc/theme/
17 KB
17 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/503e96730ee60c8bd591710d899bb9b1.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
22ae07cf2231ef7b8c676783c322d0eeedd6913e9f0910c2de8d10adf3074578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
server
nginx/1.14.0
etag
"72d984ab"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
17566
expires
Sat, 28 Dec 2024 15:49:54 GMT
ef42d55a70095e7e6192be26e9969101.png
thesun.my/base-portlet/webrsrc/theme/
8 KB
8 KB
Image
General
Full URL
https://thesun.my/base-portlet/webrsrc/theme/ef42d55a70095e7e6192be26e9969101.png
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
1ac0ce33552db923a7b55580a0cb05de9fabddd4054e9436afd9e259a09c177f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/base-portlet/webrsrc/theme/2c6ac3d61cbdeb5f814241c786a872d0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
server
nginx/1.14.0
etag
"1d14a2c2"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
7694
expires
Sat, 28 Dec 2024 15:48:18 GMT
/
avd.innity.com/uidsync/init/ Frame BC98
43 B
581 B
Image
General
Full URL
https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1705507742928
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
sync
x.bidswitch.net/ Frame BC98
Redirect Chain
  • https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1705507742928
  • https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Server
35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Location
https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
qapcore.js
cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/
68 KB
24 KB
Script
General
Full URL
https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/qapcore.js
Requested by
Host: cdn.iterwebcms.com
URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-tracker-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06c5a7910eed361c70a9cb9b1cd9d46383201166baf8532e05bef33c865b488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-log
https://mas.protecmedia.com/qapcore.js
date
Wed, 17 Jan 2024 16:09:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5119
x-node
mas1
last-modified
Mon, 14 Dec 2020 14:31:58 GMT
server
cloudflare
etag
W/"10eed-5b66d81350f0a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdmsUdo%2BD7xYL5ePJBu0VmWTRv%2BPUrLNJKJ6SRHQTUXrLOqYe3AFmqvknHf1nh2KZ6ITRekt9hlHaxVfIrAczKjAV0Z5xSgp%2F56doTedw63Xa4twvCI9Qd0GbZCtFm%2BouEzkG3vexVuX3%2BFGbwG1Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
846fdc417bdac25e-VIE
visit.jsp
thesun.my/news-portlet/html/counter-portlet/
0
57 B
XHR
General
Full URL
https://thesun.my/news-portlet/html/counter-portlet/visit.jsp
Requested by
Host: thesun.my
URL: https://thesun.my/html/js/iter-libraries/iter-util-http.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
server
nginx/1.14.0
content-length
0
content-type
text/plain
admanager.js
cdn.innity.net/ Frame 99A1
12 KB
4 KB
Script
General
Full URL
https://cdn.innity.net/admanager.js
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 09:17:20 GMT
Server
Apache
ETag
"2e2f-6097852320800-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3929
Expires
Thu, 18 Jan 2024 16:09:02 GMT
switzerland-diplomacy-economy-summit-davos-104621_3809008_20240117175709.jpg
thesun.my/binrepository/648x432/0c0/0d0/none/11808/SFMK/
24 KB
24 KB
Image
General
Full URL
https://thesun.my/binrepository/648x432/0c0/0d0/none/11808/SFMK/switzerland-diplomacy-economy-summit-davos-104621_3809008_20240117175709.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
88d6496cf7f3cf09daa65d1d49d6fbcc9ac52121931779ed040fa7fe94fd98f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
server
nginx/1.14.0
etag
"c5238aa0"
content-type
image/jpeg
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
24672
expires
Thu, 16 Jan 2025 09:57:36 GMT
image-1_3808904_20240117175300.jpg
thesun.my/binrepository/768x390/0c0/0d0/none/11808/WMFN/
26 KB
26 KB
Image
General
Full URL
https://thesun.my/binrepository/768x390/0c0/0d0/none/11808/WMFN/image-1_3808904_20240117175300.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e93cdb31b4ee57d013ecc7ce11ea97c9c8246302f5daaeb713412bacdd514dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
server
nginx/1.14.0
etag
"d518fcb5"
content-type
image/jpeg
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
26353
expires
Thu, 16 Jan 2025 09:53:23 GMT
ptj05-11012024-kpdn_3808846_20240117173816.jpg
thesun.my/binrepository/628x432/0c0/0d0/none/11808/GHWW/
23 KB
23 KB
Image
General
Full URL
https://thesun.my/binrepository/628x432/0c0/0d0/none/11808/GHWW/ptj05-11012024-kpdn_3808846_20240117173816.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
d17dbbdee3e5aad95afa42ced9fb9c6f97b25e78af823d81d895f6edd2bfa286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
server
nginx/1.14.0
etag
"e7b38b9f"
content-type
image/jpeg
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
23226
expires
Thu, 16 Jan 2025 09:39:36 GMT
/
avd.innity.com/dc/cb/ Frame C5F5
59 B
548 B
Script
General
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
1aba0ac1c69bba2a8057b9e9564b302bdcbd059b864e8f370874220e3d0af8ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
as.innity.com/synd/ Frame 99A1
1 KB
1 KB
Script
General
Full URL
https://as.innity.com/synd/?cb=1705507742987&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65665&output=js&flash=0&url=thesun.my&width=*&height=*&cat=NEWS,BUSINESS_FINANCE,LIFESTYLE&vpw=1600&vph=1200&auction=e629e7d-2ebd882&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
345c9e00e0c9e2af71228159d1bc6c36e8856b8e4df8325877211828fe858204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 16:09:03 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
752
Expires
Sat, 03 Sep 1983 02:00:00 GMT
container.html
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DF5
6 KB
3 KB
Document
General
Full URL
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:02 GMT
expires
Thu, 16 Jan 2025 16:09:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A23
6 KB
3 KB
Document
General
Full URL
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:02 GMT
expires
Thu, 16 Jan 2025 16:09:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C56
6 KB
3 KB
Document
General
Full URL
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:02 GMT
expires
Thu, 16 Jan 2025 16:09:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD5B
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161518
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 17 Jan 2024 16:09:03 GMT
expires
Fri, 19 Jan 2024 13:01:01 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
endpoint
mas.protecmedia.com/
43 B
153 B
Image
General
Full URL
https://mas.protecmedia.com/endpoint?action_name=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&send_image=1&idsite=076C0FICOSYDT&rec=1&r=744201&h=17&m=9&s=3&url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&_id=6b389c94556e0595&_idts=1705507743&_idvc=1&_idn=0&_refts=0&_viewts=1705507743&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=Article&dimension2=Article%3A%20GB10007463&data=%7B%22pv_epoch%22%3A1705507743109%2C%22metadata%22%3A%5B%5D%7D&gt_ms=20&pv_id=ZEF2ru
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.47.76.44 , Spain, ASN35167 (PROTEC, ES),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
cache-control
no-store
content-encoding
none
server
nginx
content-length
43
vary
Origin
content-type
image/gif
firebase-app.js
www.gstatic.com/firebasejs/5.10.0/
36 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.10.0/firebase-app.js
Requested by
Host: cdn.iterwebcms.com
URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-push-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a115f817f2bd8c8be9c52fe5224dfab831aa8e68b3118c67bfa06f7b26eb4c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13240
x-xss-protection
0
last-modified
Thu, 18 Apr 2019 21:13:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 17:40:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1DF5
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
453079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Jan 2025 10:17:44 GMT
admanager.js
cdn.innity.net/ Frame 1DF5
12 KB
4 KB
Script
General
Full URL
https://cdn.innity.net/admanager.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Nov 2023 09:17:20 GMT
Server
Apache
ETag
"2e2f-6097852320800-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3929
Expires
Thu, 18 Jan 2024 16:09:03 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1DF5
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:03 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6DB3
150 KB
50 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
725738f887a00d725239f9508e87e5e6019e4b092cd3fc778353df1d7d297c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mSh3Pq-nrMDNcxUUZnlIqQGoMNPP2h0qHCQHg002QDLDHaI-iuCm2stLq0yooPJDwUBz2zDJMCQzaP7ux_0qAFFY_c8-HSedZtkeqhua1bbVgjcnI8YvNxCab3CTvIb_MR-IleHHg12a940NnXRfdrADLuJ0SwMOhqWCi8okEYmKUEpNlKp1DeLLwXtz5wdmnM9X7xXQWyzNcAXfbYc-ayez2d5n8o13Iy5iEfjrK1WpCqCvKeQtpTxb6OEeGCWU8dUM-A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
50263706
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 6A23
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:53:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 6A23
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
4109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:34 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6A23
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
453079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Jan 2025 10:17:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6A23
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:03 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6D55
351 KB
75 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cb3e3395d2b42ced908b66aa47fe64d6c3669963a4f653bab216b185d0c6bc33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qFL9U6-nrMDNcxUU3AGRfJn3txI3DOQfe2S-x7lpUZyXcvUT2PIwjs6Hrp_ELiNq7rdvmSvrzvyVPSSZPtUn89kQB5qLek5SmxUzf7oOGMXeMo4KrPGkVOZSUGQ-bnsJWpiD8MHIGuxX9jXSo7Gd0Hq0jkTT2BdJXNpkuhgmSs6tIbYrfxfo3Oz3Vv5B8Zo-AoM3e9nukgIKcSMOznvKpc2kwOe9w5nm-LWsJQrwQM5uco0NTpa5_HIdSl42tBr3RxF_vA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
116197498
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 8C56
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:53:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 8C56
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
4109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:34 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8C56
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
453079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Jan 2025 10:17:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8C56
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:03 GMT
innity_blank.js
media.innity.net/adnetwork/default/ Frame 99A1
1 KB
841 B
Script
General
Full URL
https://media.innity.net/adnetwork/default/innity_blank.js
Requested by
Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1705507742987&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65665&output=js&flash=0&url=thesun.my&width=*&height=*&cat=NEWS,BUSINESS_FINANCE,LIFESTYLE&vpw=1600&vph=1200&auction=e629e7d-2ebd882&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95767e63cd01709ecc9ba635292a11c5deb22f78cf4210a97698ab7c8392f112

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Sep 2021 01:54:04 GMT
Server
Apache
ETag
"52e-5cb49ec79a700-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
470
Expires
Wed, 17 Jan 2024 16:39:03 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FD5B
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22534744&p=163515&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
content-length
0
ca-pub-6999968698827395
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6999968698827395?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6999968698827395&plah=thesun.my&bust=31080430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c688736ecaf95c6c36b49c0eb05ea4e59bdb2cb74f049fcfb1e63f4856af8f9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-G9_jzdAppkY0f2SWIl0K_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-G9_jzdAppkY0f2SWIl0K_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
container_576b5a051c51b1c0244bca09.js
ssl-avd.innity.net/1/ Frame E92D
11 KB
4 KB
Script
General
Full URL
https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.24.0 /
Resource Hash
fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 07:45:31 GMT
Server
nginx/1.24.0
ETag
"6528f59b-2aa5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2395890
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3678
Expires
Wed, 14 Feb 2024 09:40:33 GMT
analytics.js
cdn.innity.net/ Frame 99A1
301 B
547 B
Script
General
Full URL
https://cdn.innity.net/analytics.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 08:05:30 GMT
Server
Apache
ETag
"12d-606df78894680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
175
Expires
Thu, 18 Jan 2024 16:09:03 GMT
json
trc.taboola.com/thesundaily/trc/3/
84 KB
24 KB
XHR
General
Full URL
https://trc.taboola.com/thesundaily/trc/3/json?tim=17%3A09%3A03.437&lti=deflated&data=%7B%22id%22%3A49%2C%22ii%22%3A%22%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1705403332057%2C%22vi%22%3A1705507743434%2C%22cv%22%3A%2220240116-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463%22%2C%22vpi%22%3A%22%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4598%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A20%2C%22uim%22%3A%22alternating-thumbnails-widget%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Widget%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Widget%22%2C%22cd%22%3A4325.734375%2C%22mw%22%3A0%2C%22amw%22%3A774.046875%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463%2CBelow%20Article%20Thumbnails%20Widget%3Dalternating-thumbnails-widget%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f57f565c4c7279430677734ceb821c0150a786fa2f370ae60072bb3d6e61cbe

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
283
date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.648125
x-fastly-to-nlb-rtt
7511
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220103-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1705507743.459453,VS0,VE283
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://thesun.my
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1DF5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWv1Y3FwuQGX1XqElaN2vVp8KxklNT-ylQVXB_-N3nX1J4IQItN53BD0OdLdH1GV8FX3rvBqAFzaac20DMSfBlZMVlz-hdzuxdv-YQfmj53pB166WQYxKd1LZZRG_aV7ejZftpwJRZf14P2BB2rzOz3x7oH3cqPh6L0_CnR-oizEyMWjWaE6PJ3oTA__ifjfJ363ldDofPgDqCo4phJLI_pNgNhK-bGIWG3Tc87GmRNwwOOELNKUN-NkE-NbQfv03Sabzv2p9lRAYaGn3PdcyGEVE-A2jOYWKHYYo5w4wVYZgjLeVC-KH1J1Tb8B4VZKqMRFLX&sai=AMfl-YSMFRxi1Eug6z3yD46DIjf99bBENfxTzi31RhSOIEr6NYiyvE71W527hcWfZFkbpfgNaGrFrdT7bII7Sda2TBu8TV9JcSsBFjlBIV3EQouRs_GI3DncLT2r_BQjwelVdqhyw0dQf3p93xuyFY0WEZg8&sig=Cg0ArKJSzFiPik5Vy5coEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
as.innity.com/synd/ Frame 1DF5
2 KB
1 KB
Script
General
Full URL
https://as.innity.com/synd/?cb=1705507743442&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65662&output=js_framed&flash=0&url=thesun.my&width=728&height=90&sf=1&vpw=728&vph=90&auction=386cca4-8e915ad&u=aHR0cHM6Ly90aGVzdW4ubXkv
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
243c46ffeda13560879aa749f78df1a921a9c2a5ab147a8a69535aec40713d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 16:09:03 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
845
Expires
Sat, 03 Sep 1983 02:00:00 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.10.0/
32 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.10.0/firebase-messaging.js
Requested by
Host: cdn.iterwebcms.com
URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-push-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
093f8d663a73e5760f8297b887f749520bb7540fd287e7f37c6969b0ee912a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 06:51:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8691
x-xss-protection
0
last-modified
Thu, 18 Apr 2019 21:13:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 06:51:46 GMT
truncated
/ Frame 6A23
205 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25ab27d249ad15240f3da617e87d6fc002b7190ced7b123569f22a290df7083c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8C56
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf19070c11a79abb5ad4d88f58c000ccb2960d282171a3cd91a45df6eb8009b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6DB3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6DB3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6DB3
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Jan 2025 16:09:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6DB3
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Jan 2025 16:09:03 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6DB3
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=2tVddJ3gPfgEnCaj6vwb1cS3pMqljTOR3gPuRXBmTYGBUUf9NloKnnca3Q0qybwcgrQV5LQxPvh6dYH3E731UBCfNb0qUhFVaTU619YshNNKpSfWuVS4qd8qZLjh32eiLCDo-WWxBI7aCFF7avMhK_5FCN4q8hAhLZP5e76zhsnsL4rGQ-kHglpthTf9n86Qn6lmfCJQBfX7oEKZijZHKxN3jBVdXkOivuePn_EF3VQmVJ72zI9_BFFZP9_gFD77Vp5IKk-x6aEUl5bWSKkI-2MrePLUIMFwLtK1EFtBimROOpNyBRcTXmUYQu7bYooTwBtesdmUI2O48BIE5oxzciK2AQU_7hpCRk-nyoLHWhskKe2QZ5-H9biOikZe7xgivFayi3bnagILpGYJolaYFyDoi6-dWtfYkq-WZ50CWt5mTrb3
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2399470
expires
Mon, 26 Jul 1997 05:00:00 GMT
bulk-metrics
trc-events.taboola.com/thesundaily/log/3/
0
243 B
XHR
General
Full URL
https://trc-events.taboola.com/thesundaily/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://thesun.my
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8C56
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIibYnvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTbAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPui3-3m8ebr6mTLaldglZ7Csjuzi9Q1hUowGIwQ3dhpSnL74SAh9m4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwOACgP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwGyFxwKGhIUcHViLTY0ODAwNTQ0ODA0Nzg4NDAYv8QS&sigh=7uUq1wpqRFk&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_bALN9Z7Q7P53cm2WnOLuch84gAHthy6vUpDWpYqIqOKrBgxMTvGv49qMht-E32MCqLW5rYWY3YEMIAl0lDHJwWZE2BV0Rzz28EsYAQ&cbvp=2&vis=1
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 8C56
0
126 B
Image
General
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGI-lBKwC2ASdg2ICAgAAALWgPnyfd7wuCTmO2xCe-6dl0li0k3sSzcczHwAAEgAACgpBUVVCQVFFQkFR&wp=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&cbvp=2
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
179908
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6D55
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6D55
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6D55
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Jan 2025 16:09:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6D55
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Jan 2025 16:09:03 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6D55
43 B
347 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hWPGoTxU0b6L-aiYPKSx240RYS--qlKEGw5SVUVn-GylqlTXH1PlPWiYumxjO1CrPBtfC5zTj5aUhc8ZzivhThwPsM0ofQauL-YJAvCrcTea_FJmgVk5mGeHAn5RSjKeDgWqI0dg-OPRUsRn77UaMb2y0aeTnV2hmc8T3EPCEbrP-y7lVOBfVjc5FsmHB8wu0K_WkBbspokBQYq0-p7atbwyGQvvqgJ9ep8bos5BCRtWqyHsHxggGV8iinMGasx2_dZLeymMr_WYcSPw_rwCO4ssdgDtYXQmFf9XkRmHEFs69zXiYvrATQZHWcC3r0HuFCNnFZHWx_YcSAxe4FbFcZCR__vaQWmbkP52tE-mSiyjiKnaqPg73beSQ7_ohi_hXY1rTYnDfTZOQ3nm8fZZq-g-SbUawd3iDk2NpXcSP6UFsSym
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2367289
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 6DB3
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
animejs.js
static.criteo.net/animejs/ Frame 6D55
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6DB3
9 KB
9 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=132&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=tjTSKSsIG8TQAGicRvuOPnYH
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9479
expires
Mon, 06 Jan 2025 02:27:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6DB3
10 KB
10 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=u33XSXyHuVIVHKM5y7bQsqKb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6DB3
8 KB
9 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F8237_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=ZJKmhFR-95Yu-7xidx-HlUNe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53365de4339f9c2411e9bb1a56364597003ba69684c3d79182cbdb3eb64b6e60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8508
expires
Fri, 02 Feb 2024 16:16:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6DB3
14 KB
14 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=400&rid=4&s=y6WD4NEI1u8djBjaHxlKjpLy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6DB3
20 KB
20 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F18414_102.jpg%3F1680159992_2&v=3&w=400&rid=4&s=goyLgJwy9i0wu1RsMHWguuDt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f7c7cce66953f74b522c42302738a76575ba2ae2214b96a01e07626d0397160c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20754
expires
Mon, 05 Feb 2024 12:28:24 GMT
all
csm.eu.criteo.net/ Frame 6DB3
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=mSh3Pq-nrMDNcxUUZnlIqQGoMNPP2h0qHCQHg002QDLDHaI-iuCm2stLq0yooPJDwUBz2zDJMCQzaP7ux_0qAFFY_c8-HSedZtkeqhua1bbVgjcnI8YvNxCab3CTvIb_MR-IleHHg12a940NnXRfdrADLuJ0SwMOhqWCi8okEYmKUEpNlKp1DeLLwXtz5wdmnM9X7xXQWyzNcAXfbYc-ayez2d5n8o13Iy5iEfjrK1WpCqCvKeQtpTxb6OEeGCWU8dUM-A&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6DB3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6DB3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
/
optimize.innity.com/ Frame 99A1
43 B
452 B
Image
General
Full URL
https://optimize.innity.com/?pubid=4428&zoneid=65665&cb=1705507743623
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:03 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:03 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
optimize2.innity.com/ Frame 99A1
43 B
347 B
Image
General
Full URL
https://optimize2.innity.com/?pubid=4428&zoneid=65665&cb=1705507743623
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.250.11.143 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/ PHP/8.2.5
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:03 GMT
last-modified
Wed, 17 Jan 2024 16:09:03 GMT
x-powered-by
PHP/8.2.5
content-type
image/gif
p3p
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sat, 03 Sep 1983 02:00:00 GMT
dc.js
avd.innity.net/lib/ Frame E92D
20 KB
7 KB
Script
General
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.2
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1338523
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Fri, 02 Feb 2024 03:57:46 GMT
AGSKWxWpB2IgzZx4YwEXTlVr1XrFkXbaGTZtQLYRxTbUeaae3C3N6j7XrmrtIvuE7CLM_ZMncq20zuX2eeE7fZbSbdeX2zMktnFuvHryf88QCnRjkDliY1Xm0ByUw7R9PP5zu7lkbNrw0w==
fundingchoicesmessages.google.com/f/
368 KB
58 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWpB2IgzZx4YwEXTlVr1XrFkXbaGTZtQLYRxTbUeaae3C3N6j7XrmrtIvuE7CLM_ZMncq20zuX2eeE7fZbSbdeX2zMktnFuvHryf88QCnRjkDliY1Xm0ByUw7R9PP5zu7lkbNrw0w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1NTA3NzQzLDc2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjMiLG51bGwsW1s4LCJMSXFjNDFCSjVhMCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/am=wA/d=1/rs=AJlcJMyuHDquIDjtBjzFOiABIt8N5YwY7Q/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77b16a4a85961955ad93aa9acc3d33c3a5adaf57642b76abb9cbc28226354c05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kxG5zyMyUW7qH-24Ed4MAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-kxG5zyMyUW7qH-24Ed4MAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
24 KB
24 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=268&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=2GjkwujxunPm6mj-0umNW1W1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
92ad632cbc67af32998d9b07a4af5420b47efee300c76f67861816ba98a5070e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
24131
expires
Mon, 06 Jan 2025 04:52:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
15 KB
15 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
11 KB
11 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F7324_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=IwKD1BpsjPQVn0ngJwm0OU-m&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
702ecd49a02e24f6a8cd90db757f3da97673e55f9d64a5bd97de20c99921e440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10996
expires
Fri, 02 Feb 2024 20:27:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
20 KB
20 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F23372_102.jpg%3F1704890935_2&v=3&w=800&rid=4&s=FAWz7sJgEEpbniTkiBtY37wg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ae4c516b0c7dcaff00b626773104e5907d3827f97fa2a2f9ff8b88de41b69934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20090
expires
Thu, 15 Feb 2024 04:31:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
22 KB
22 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=800&rid=4&s=roh5iC6wcuNgIZlqL0AhDz-j&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
13 KB
13 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7319_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=m4AqIPT6vKtBi04DUEvAa_5I&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
12824
expires
Fri, 02 Feb 2024 22:56:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
16 KB
16 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F20616_102.jpg%3F1690266733_2&v=3&w=800&rid=4&s=_-u7zsm4FCjuObotDOnjK1Gr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9f0ed2cae9c9d417843094637b59345557d8fd859965a8d7f21684c0f7947a40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16208
expires
Tue, 06 Feb 2024 11:13:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
4 KB
4 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F3984_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=LvSGp77XHYM3aCxBW33Fot_a&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
47d28f2d8e65dc2ee8bf14064d39a5915f75fca7c1c91b922f6955fe7fc02f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4054
expires
Sat, 03 Feb 2024 15:27:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
14 KB
14 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7957_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=H3vTFG2Mu-TORbyXV24T3QLl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14118
expires
Tue, 06 Feb 2024 10:15:42 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
16 KB
16 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=owQ2WY3CxCFUf4ETDUw4IY-t&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16076
expires
Fri, 02 Feb 2024 21:55:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
4 KB
4 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F11129_102.jpg%3F1636111187_2&v=3&w=800&rid=4&s=aXMKJPSZvpYJHB8wxWoi76_3&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
3748
expires
Fri, 02 Feb 2024 22:15:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
26 KB
27 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F11667_102.jpg%3F1640158871_2&v=3&w=800&rid=4&s=lvXcHuGGI8V5qZTQou3bcJwC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f3ee3452ae1fc68639f31d9147cb5fbccf0e04dfa4f12d6845ecc498b5d49fbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
27134
expires
Mon, 05 Feb 2024 20:20:44 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
14 KB
14 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
20 KB
21 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
11 KB
11 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F23339_102.jpg%3F1704438275_2&v=3&w=800&rid=4&s=TsFiQvcXGYuPDVF0qtsJbS8J&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e0e249f066b2246c068d0869a49a1a2b8f1864685e4e55d392ce990ab1ba20f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10800
expires
Sat, 10 Feb 2024 04:44:20 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
21 KB
21 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F7531_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=qjhbkznTlPBNKJNj116xXNvu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
504a4e1f88b4e0516fe561352b7a5583edd6537e59e03fa2664b62561735aafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
21778
expires
Sun, 04 Feb 2024 13:18:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
24 KB
24 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F9759_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=DQE5zF_suhnNTq68_gj2IktV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abc3e5b7c4f477ff2289ebccbba4d30443495451f9a51c7cb7bd5fca87fbfc4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
24196
expires
Fri, 02 Feb 2024 12:06:46 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
18 KB
19 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F14029_102.jpg%3F1658479634_2&v=3&w=800&rid=4&s=qm8Inl41MB4WyLCMKQqiCCjR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
49e8e879fc1cfe1de4eb1e19de9237c8254a455f47215b12417f6977f4dd9ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
18806
expires
Fri, 02 Feb 2024 21:59:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
15 KB
16 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F9747_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=isLH-aZOaI_JYFgESiQHfOTG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
09f7dc31b1a1d2f0dcf49f8e4b1779b5cfc564cfb2805d51ff1f2f2ed2a5b3d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15804
expires
Sat, 03 Feb 2024 00:00:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
18 KB
18 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7527_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=8wZuJ203LMoUPTU2s6K7AI3h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d70e04af046ba5fc33949e04e1b673fa261f033aee8fa358650d84cf957daffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
18234
expires
Fri, 09 Feb 2024 20:01:06 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
17 KB
17 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F23222_102.jpg%3F1702454389_2&v=3&w=800&rid=4&s=l2pBD7v6lpktHfJMkjvp9ic_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
280d9680e16e1ad97b29049c284e11537821b737db288039817debb64f13e215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
17040
expires
Sun, 11 Feb 2024 18:36:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
13 KB
13 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F14025_102.jpg%3F1658479261_2&v=3&w=800&rid=4&s=1vbdO2l0MYDnntYR7TSoCxYa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a579ece73bc58f0116712063b534563b7648f991bd109e62255094863abe4b99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
13086
expires
Tue, 06 Feb 2024 21:32:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
20 KB
21 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F23342_102.jpg%3F1704438987_2&v=3&w=800&rid=4&s=MVvxGdOXQKk8OI3w5MUZMEes&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cd3781d6a3a8ccc498fad88b4858166b055e1b03be57655019419c8e39732a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20986
expires
Sat, 10 Feb 2024 11:32:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
8 KB
9 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8216_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=tIyaBnyG_Ob7bMhvUoM4r7E6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ce1801f11910c7cbb7938b3f635ab9e4d6a3e0d5c67d3d087fba0f2cd3db94fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8644
expires
Fri, 02 Feb 2024 12:30:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
14 KB
15 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F4705_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=V2vWudnpsY3xSrlyYhOtt5Ap&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4cb763bc5d7e945711d0d89656c54d20307d0c14c9b8845e9bcba37319155601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14654
expires
Fri, 02 Feb 2024 12:53:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
8 KB
9 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=8FTw8xYojgkpP_qJ47L5XP6V&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8586
expires
Fri, 02 Feb 2024 12:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
19 KB
19 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F7878_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=NE87_oOxMVBQolKbGFMoNyLr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
43bc6e0a3ad31b901cca8daa150674bcbcf50f7459081e74682b9cedaa52974c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
19710
expires
Sat, 03 Feb 2024 03:36:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
13 KB
14 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F17750_102.jpg%3F1677655433_2&v=3&w=800&rid=4&s=Htdc7me0JDXFmA-9SVTKQUwg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a9a38d50de9f4fd1650d10c48aa62677962f5da07dcf8942a75525b6fa4567ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
13808
expires
Fri, 02 Feb 2024 12:55:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
17 KB
18 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=y1FfLT3OIoFUY9BG1dQvcb57&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
17770
expires
Sun, 04 Feb 2024 20:24:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
10 KB
10 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6D55
6 KB
7 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F8223_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=N_IPs4n-6NE_Daask-3I5aSk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
434d777ca4d1a2b4712be0f9f2747d871b778b6d833a3241b7de95c69d43472c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
6454
expires
Fri, 02 Feb 2024 12:16:49 GMT
all
csm.eu.criteo.net/ Frame 6D55
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qFL9U6-nrMDNcxUU3AGRfJn3txI3DOQfe2S-x7lpUZyXcvUT2PIwjs6Hrp_ELiNq7rdvmSvrzvyVPSSZPtUn89kQB5qLek5SmxUzf7oOGMXeMo4KrPGkVOZSUGQ-bnsJWpiD8MHIGuxX9jXSo7Gd0Hq0jkTT2BdJXNpkuhgmSs6tIbYrfxfo3Oz3Vv5B8Zo-AoM3e9nukgIKcSMOznvKpc2kwOe9w5nm-LWsJQrwQM5uco0NTpa5_HIdSl42tBr3RxF_vA&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6D55
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6D55
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:09:03 GMT
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.5/
120 KB
34 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60f52d034d5da2c2451a148186beb02c2f464cfd53c5e8bf09c804d3ff1c6ce2

Request headers

Referer
https://thesun.my/
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
731142
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
33988
x-served-by
cache-fra-etou8220078-FRA
last-modified
Sun, 31 Dec 2023 10:01:09 GMT
server
AmazonS3
x-timer
S1705507744.185768,VS0,VE0
etag
"29fffae19b471dcd8c1242f0f49f3381"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
41lGyppiUOUk40b-8KcrnatpiceCPnnHbJ07k0o9CCYeEp6X7o-YfA==
x-cache-hits
8424
userx.20240116-10-RELEASE.es6.js
cdn.taboola.com/libtrc/
18 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20240116-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c8c81ec732de22eef38a59be9d9eeee0416021f88d76934093e7ad6676255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
pJvcTqz._lhRM4tJNJ.Nmzzz9ihx4E8W
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:03 GMT
x-amz-request-id
2GF1WB4C16VBJ7PP
age
103348
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5540
x-amz-id-2
ySrpBjwrZhAZZH38mmkzE7NzbzBRQWRUAY06gxAX6GNEnN0qP+sNqbCG1/QvCHFpzHbdYVQhTKI=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 11:26:36 GMT
server
AmazonS3
x-timer
S1705507744.927586,VS0,VE0
etag
"ee2febaa6389dd91552eba295cce0e8c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
54817
distance-from-article.20240116-10-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240116-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a611239b0171e932d983c83ed344b300a539371827c8773d3fee7e914f84359c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
6EDsD9OfM0EzyKftzkuHMrmu313k9Lmo
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:03 GMT
x-amz-request-id
S51RR16PHSW581YY
age
103386
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
EGuKPVL2V8I6pzRaFkUsY3qr+02ZWDhvdROF6L9IPjpzcdxcv+k3qhhzojYuBBArmSUUEMWOCMQ=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 11:25:58 GMT
server
AmazonS3
x-timer
S1705507744.927732,VS0,VE0
etag
"d1e3b030f0d650d7721c290093dbef7d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
198247
article-detection.20240116-10-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240116-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
830f9b2b1e7cef76f805e9a1e77458e158b766d79e59031459699b161222de59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
uxYt7RnKPLqSn2XbiyQ5aSh7P7FsUaAn
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:03 GMT
x-amz-request-id
9R6X7Q0SW2JSNMV5
age
103393
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
shv6XOUPxZBQ1+n1aKhsI2t2LM/n0EyEb5nLRgwkdKxMXRTSvsF+4LcywVIoBOR/r++E6LEtNsg=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 11:25:50 GMT
server
AmazonS3
x-timer
S1705507744.928013,VS0,VE0
etag
"73c4772610641a5b8d39d839d8ab4b7f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
198279
explore-more.20240116-10-RELEASE.es6.js
cdn.taboola.com/libtrc/
26 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20240116-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d9c77f1f08bdb145365f8e62acfbbaa6740b4bc44495504b1a10cd54d93fe2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
bJpwC_JjfgFZDqPdrbi6IR5_OZKJffF4
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:03 GMT
x-amz-request-id
87K9FJ8DZ8Q2ZH3Y
age
103383
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7707
x-amz-id-2
OXwG2eqnBtUtyNegRPTjXPePImqprVjpMluLV5Re+C5jADnRzTjVuH/+zZCnCnLRYDSYt1zn57Q=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 11:26:01 GMT
server
AmazonS3
x-timer
S1705507744.928374,VS0,VE0
etag
"bfd390fbe66e9971a807eec6598b4ec1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
4
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
78522
feed-card-placeholder.20240116-10-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240116-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
337d1faf3071a595281b4aa1576dfb816077055db421988197191e999a15ed5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
_A5Sp0Eo7J4GIafqglHr37mAlgRZ80ZF
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:03 GMT
x-amz-request-id
5R13SCSM415Y9YBJ
age
103381
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
rwAX6Vx0XQ1341QM4+8ROAeqt9rrKbtbc7wtHm5jFMibhLKD42NZasLuiSQZnGrws6ur7smvVPo=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 11:26:03 GMT
server
AmazonS3
x-timer
S1705507744.930960,VS0,VE0
etag
"c61c6b1f0ef5631d735efb58f2c9752e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
185228
abtests
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1705507743891%7D&tim=17%3A09%3A03.892&id=1021&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A09%3A03.924&id=2069&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
global.js
cdn.innity.net/ Frame 1DF5
2 KB
994 B
Script
General
Full URL
https://cdn.innity.net/global.js
Requested by
Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1705507743442&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65662&output=js_framed&flash=0&url=thesun.my&width=728&height=90&sf=1&vpw=728&vph=90&auction=386cca4-8e915ad&u=aHR0cHM6Ly90aGVzdW4ubXkv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9947a0d34bb7791699252756f8a742be6c0b169ac673bee4e0a93bc7cb565b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jan 2024 01:55:29 GMT
Server
Apache
ETag
"929-60e00e8d00640-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
622
Expires
Thu, 18 Jan 2024 16:09:04 GMT
bulk-metrics
am-trc-events.taboola.com/thesundaily/log/3/
0
242 B
XHR
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/bulk-metrics?tvi2=-2&tvi48=-48&tvi50=14585&route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://thesun.my
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1705507744038%7D&tim=17%3A09%3A04.038&id=7623&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bj21rfhd2qtet50an2qg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/bj21rfhd2qtet50an2qg.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c9ef352fc12c3e51a9d23acfac35d271222260eb4d61c91c95c95fbb7c82135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/bj21rfhd2qtet50an2qg.jpg
age
4782529
edge-cache-tag
501428187328839556198077495770540098588,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
501428187328839556198077495770540098588,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
161
expiration
expiry-date="Fri, 15 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://as.com/
content-length
6950
x-served-by
cache-iad-kjyo7100128-IAD, cache-iad-kjyo7100031-IAD, cache-lax-kwhp1940050-LAX, cache-iad-kcgs7200162-IAD, cache-fra-etou8220103-FRA
last-modified
Tue, 14 Nov 2023 12:35:04 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=8494,owidth=800,oheight=450,obytes=24305
x-timer
S1705507744.055888,VS0,VE2
etag
"d9ce0130e8e68d8ca474e7643eb62b37"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 82, 1
6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
6 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
da2963449859c331dc341c7c604208a42c75760917d045d278dcd9da358359f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age
1522260
edge-cache-tag
321194619511491062242132839077726262353,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
321194619511491062242132839077726262353,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
386
req-referer
https://www.weatherpro.com/
content-length
6108
x-request-id
690b39ff107d87fef7b16849e0c9bf36
x-served-by
cache-iad-kiad7000119-IAD, cache-iad-kcgs7200024-IAD, cache-lga21930-LGA, cache-iad-kiad7000064-IAD, cache-fra-etou8220103-FRA
last-modified
Thu, 02 Nov 2023 12:52:38 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=8522,owidth=1999,oheight=1249,obytes=185477
x-timer
S1705507744.056297,VS0,VE1
etag
"8202d23fc8630a6ece948941e422d629"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
whatsapp-image-2024-01-15-at-15-21-26-3b4054b9_3801928_20240115155827.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x480/1c85/480d250/none/11808/ISWI/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x480/1c85/480d250/none/11808/ISWI/whatsapp-image-2024-01-15-at-15-21-26-3b4054b9_3801928_20240115155827.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5eb9f4a7df02745fe67cb8ba11c01e42797f6593727512270506d40f94d0c7d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x480/1c85/480d250/none/11808/ISWI/whatsapp-image-2024-01-15-at-15-21-26-3b4054b9_3801928_20240115155827.jpg
age
200978
edge-cache-tag
336478942932219774368726184454179394469,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
336478942932219774368726184454179394469,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
627
req-referer
https://thesun.my/
content-length
8696
x-request-id
f48d4de4c3a8a1b990f816914ca2f6f7
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200135-IAD, cache-lga21979-LGA, cache-iad-kiad7000034-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 08:03:41 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=14292,owidth=480,oheight=250,obytes=17314,ef=(1,13,17,23,30)
x-timer
S1705507744.055935,VS0,VE2
etag
"305655285ac9f7fcd150b4c2578cf463"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 1
4c9ebf78f489cc1f36ea940471bf6759.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c9ebf78f489cc1f36ea940471bf6759.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e155d10b8c246ac7664b527cb2d3ffd700a0eeb3d0fb8dca5dbaaacf29ff566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c9ebf78f489cc1f36ea940471bf6759.jpg
age
3448296
edge-cache-tag
378865896203961626020577872561160218257,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
378865896203961626020577872561160218257,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
3723
req-referer
https://www.con-nect.de/
content-length
7816
x-request-id
7667bd53cb3105e965aeb4bc5a20a718
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200090-IAD, cache-lga21978-LGA, cache-iad-kiad7000096-IAD, cache-fra-etou8220103-FRA
last-modified
Thu, 07 Dec 2023 13:05:49 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=14434,owidth=1000,oheight=600,obytes=290002
x-timer
S1705507744.085550,VS0,VE2
etag
"b9a9ac53408aba0cd6fc28b9ffa4054f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
untitled-design-2024-01-15t153232-266_3802674_20240115180009.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/YDHV/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/YDHV/untitled-design-2024-01-15t153232-266_3802674_20240115180009.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e5625cc815d767588a68b7db4993987c7344eaed8ab68476a7571ec4559387a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/YDHV/untitled-design-2024-01-15t153232-266_3802674_20240115180009.png
age
193964
edge-cache-tag
399721038253376080802163975823093746140,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
399721038253376080802163975823093746140,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1635
req-referer
https://thesun.my/
content-length
13360
x-request-id
8215d2eb985fe1d6daf45d4b8325b667
x-served-by
cache-iad-kjyo7100063-IAD, cache-iad-kjyo7100053-IAD, cache-lga21926-LGA, cache-iad-kcgs7200152-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 10:03:27 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=20624,owidth=480,oheight=250,obytes=320267,ef=(1,13,17,23,30)
x-timer
S1705507744.084952,VS0,VE2
etag
"15dccc929c5e757bd639109fd5a07b0a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 1
434fc2aec9c0fc1e01dbd020427d0bd2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d0d2e62c56e5192215d40a6562530dba8c0d7293e904ec7fb6683bfb1d0f82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
age
1699588
edge-cache-tag
557826513005111748038710872403493155354,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
557826513005111748038710872403493155354,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
522
req-referer
https://www.espn.com/
content-length
6178
x-request-id
5750fc47c64d028c896bacb4039509a9
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kiad7000067-IAD, cache-sna10729-LGB, cache-iad-kcgs7200161-IAD, cache-fra-etou8220103-FRA
last-modified
Sun, 03 Sep 2023 14:48:47 GMT
server
nginx
x-timer
S1705507744.084962,VS0,VE0
etag
"e25f35acf16d3a6ffafe2d597fad9382"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 37, 4
kl03-04102023-mahkamah-1_3806902_20240116220316.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/0c0/480d250/none/11808/XTOV/
6 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/0c0/480d250/none/11808/XTOV/kl03-04102023-mahkamah-1_3806902_20240116220316.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
65f19e259ed91ced7fe92470696089572d6fd6e3fe91d365ddfa1fb589c630b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/0c0/480d250/none/11808/XTOV/kl03-04102023-mahkamah-1_3806902_20240116220316.jpg
age
85350
edge-cache-tag
295193414388540639135498964193679620684,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
295193414388540639135498964193679620684,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1006
req-referer
https://thesun.my/
content-length
5770
x-request-id
dd5f0ed519ea7da94c3379138de6289d
x-served-by
cache-iad-kiad7000029-IAD, cache-iad-kiad7000094-IAD, cache-lga21975-LGA, cache-iad-kjyo7100065-IAD, cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 14:08:12 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=9314,owidth=480,oheight=250,obytes=15054,ef=(1,13,17,23,30)
x-timer
S1705507744.084852,VS0,VE4
etag
"6b6ec6cfd9e5f99c12e0061137e94e3d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 15, 1
13cf4ee9f6544e9b575142f9df2b2ff7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13cf4ee9f6544e9b575142f9df2b2ff7.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06ee8213b1028d7761f47e300295a19c3640c3bc9b7c72c58c6effa50179025f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13cf4ee9f6544e9b575142f9df2b2ff7.png
age
2577065
edge-cache-tag
551908199783018227115474329645689920966,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
551908199783018227115474329645689920966,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
345
req-referer
https://meine-gesundheit.net/
content-length
7972
x-request-id
906365d187cc0be0854ea2a5973a5839
x-served-by
cache-iad-kcgs7200057-IAD, cache-iad-kjyo7100038-IAD, cache-lga21979-LGA, cache-iad-kcgs7200173-IAD, cache-fra-etou8220103-FRA
last-modified
Tue, 12 Dec 2023 16:07:04 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=11331,owidth=738,oheight=425,obytes=444827,ef=(1,13,17,23,30)
x-timer
S1705507744.110797,VS0,VE2
etag
"41100c5f617bfc4f37f770fa1226b88c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
c8c118b69e382497c7b19dc13938daee.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
18 KB
19 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c118b69e382497c7b19dc13938daee.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0b008533de20649e9cee5d20770a5631716ee56164bc7c850e590712c31e0e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c118b69e382497c7b19dc13938daee.png
age
142547
edge-cache-tag
494610017814832197978773690907988368707,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
494610017814832197978773690907988368707,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
416
req-referer
https://tiere-pflanzen.de/
content-length
18224
x-request-id
f597ddc824cbdb690fdff43a7b9809ec
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kiad7000161-IAD, cache-lga21926-LGA, cache-iad-kcgs7200142-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 15:20:44 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=33419,owidth=1071,oheight=600,obytes=1301137,ef=(1,13,17,23,30)
x-timer
S1705507744.110501,VS0,VE2
etag
"c8ba3357d790a9704dc62a78d38f55dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 9, 1
kl19-15012024-ponggal_3802705_20240115180155.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/1c0/480d250/none/11808/MYQK/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/1c0/480d250/none/11808/MYQK/kl19-15012024-ponggal_3802705_20240115180155.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b87e6b848d527a101755853fad5777cb4e6380e7b2a8ee390711dac2a4222c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/1c0/480d250/none/11808/MYQK/kl19-15012024-ponggal_3802705_20240115180155.jpg
age
192153
edge-cache-tag
428212283611545236091831274367636980936,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
428212283611545236091831274367636980936,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
525
req-referer
https://taboolanews.com/article-page/-512553118865592317?utm_source=taboola&utm_medium=taboola_news&dc_data=2497838_ume-ai-newsfeed-malaysia-en&abv=tn_default_tn_top_aggs&rccv=default-1
content-length
9258
x-request-id
6d834fd67305471155f57393214c0d9d
x-served-by
cache-iad-kcgs7200056-IAD, cache-iad-kjyo7100133-IAD, cache-lga21981-LGA, cache-iad-kjyo7100112-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 10:03:25 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=12602,owidth=480,oheight=250,obytes=20805,ef=(1,13,17,23,30)
x-timer
S1705507744.110764,VS0,VE2
etag
"535b800b2c2a452b12169e0dae2a6cfb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 9, 1
db5c967d-1b87-4cd4-b98f-958a76722f87__hdukXqOq.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/db5c967d-1b87-4cd4-b98f-958a76722f87__hdukXqOq.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5c409264f8fe520409571834803643b08e466a5c719bdcc9bf00ec35cf4a5c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/db5c967d-1b87-4cd4-b98f-958a76722f87__hdukXqOq.jpg
age
709277
edge-cache-tag
523413000718795798012805539149049585758,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
523413000718795798012805539149049585758,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
479
req-referer
https://tempest.services.disqus.com/
content-length
10812
x-request-id
3199792915e13a22ed9b2c330e26ca40
x-served-by
cache-iad-kiad7000096-IAD, cache-iad-kcgs7200102-IAD, cache-lga21980-LGA, cache-iad-kcgs7200156-IAD, cache-fra-etou8220103-FRA
last-modified
Sun, 17 Dec 2023 04:00:31 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=22314,owidth=1536,oheight=1024,obytes=130154,ef=(1,13,17,23,30)
x-timer
S1705507744.110461,VS0,VE2
etag
"f277340aa2a58a74aab51ee5ee09af0b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
79280268e56616fa784df2786f2f9669.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/79280268e56616fa784df2786f2f9669.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ac9d4d153e71e993663b8c68942a1c53c272e0c54d0eafb1f6a87526c480df5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/79280268e56616fa784df2786f2f9669.png
age
449826
edge-cache-tag
521622342012336946996929289516489051908,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
521622342012336946996929289516489051908,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
470
req-referer
https://stpauli24.mopo.de/
content-length
9146
x-request-id
8b730b4726955f70acb48f25d710cffa
x-served-by
cache-iad-kjyo7100106-IAD, cache-iad-kjyo7100055-IAD, cache-lax-kwhp1940104-LAX, cache-iad-kjyo7100074-IAD, cache-fra-etou8220103-FRA
last-modified
Sun, 07 Jan 2024 12:10:04 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=13587,owidth=1200,oheight=800,obytes=1666013,ef=(1,13,17,23,30)
x-timer
S1705507744.110482,VS0,VE3
etag
"95a696a2eb7571c634ccdeab65f41845"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
untitled-design-2024-01-15t142415-616_3801478_20240115150958.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/VDHV/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/VDHV/untitled-design-2024-01-15t142415-616_3801478_20240115150958.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b1997cf0a1e96bc2873304ee23745ae7e9f51f6e5e556272f501f1e182763a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/VDHV/untitled-design-2024-01-15t142415-616_3801478_20240115150958.png
age
203329
edge-cache-tag
543655390469788148249155303067493466764,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
543655390469788148249155303067493466764,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1050
req-referer
https://thesun.my/
content-length
9486
x-request-id
ce7d0ed0d862c3c4b55061f8f30458ee
x-served-by
cache-iad-kjyo7100033-IAD, cache-iad-kiad7000124-IAD, cache-lga21964-LGA, cache-iad-kcgs7200178-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 07:15:36 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=14507,owidth=480,oheight=250,obytes=315846,ef=(1,13,17,23,30)
x-timer
S1705507744.110441,VS0,VE1
etag
"d74d2cf8ee7a4a2ae1be5c34088b9a28"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
18790e58f57d47760030734432021eda.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_674%2Cx_163%2Cy_20/c_fill%2Cw_240%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
3 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_674%2Cx_163%2Cy_20/c_fill%2Cw_240%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18790e58f57d47760030734432021eda.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e73d30f01ee8f986b061bab0895b1c05964d7d2906f353ebde1e97acf87d856c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_674%2Cx_163%2Cy_20/c_fill%2Cw_240%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18790e58f57d47760030734432021eda.jpg
age
858689
edge-cache-tag
610445997369846770784393718942675567562,486999562597580064351005853133941092451,29ecf9b93bbf306179626feeda1fab70
cache-tag
610445997369846770784393718942675567562,486999562597580064351005853133941092451,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
303
req-referer
http://doggotv.com/
content-length
3582
x-request-id
fac3b6ae68dec73ddada1a4b9fd2bdbb
x-served-by
cache-iad-kcgs7200044-IAD, cache-iad-kcgs7200078-IAD, cache-lga21962-LGA, cache-iad-kcgs7200154-IAD, cache-fra-etou8220103-FRA
last-modified
Sun, 07 Jan 2024 07:54:13 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=6773,owidth=1000,oheight=602,obytes=99151,ef=(1,13,17,23,30)
x-timer
S1705507744.121029,VS0,VE1
etag
"89638f7db87796dfa7a4e708a71d0556"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 1
france-overseas-la-reunion-weather-cyclone-belal-112101_3803704_20240115213456.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/AXKC/
6 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/AXKC/france-overseas-la-reunion-weather-cyclone-belal-112101_3803704_20240115213456.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c065d0e9608ec56c2a5c90d2288d455d2de645bfe0e87adfb975acc402d5c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/AXKC/france-overseas-la-reunion-weather-cyclone-belal-112101_3803704_20240115213456.jpg
age
179891
edge-cache-tag
318829159344458166391943252540214043979,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
318829159344458166391943252540214043979,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
477
req-referer
https://thesun.my/
content-length
6056
x-request-id
9609ac2bd8a6906a3f8a4658bb57fd18
x-served-by
cache-iad-kcgs7200078-IAD, cache-iad-kcgs7200155-IAD, cache-ewr18139-EWR, cache-iad-kcgs7200141-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 13:39:44 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=8377,owidth=480,oheight=250,obytes=14723,ef=(1,13,17,23,30)
x-timer
S1705507744.127396,VS0,VE2
etag
"5cb452a2a07aa534333f401666e1c46e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 23, 1
12a429efe48683c15a5c76c3e63b5e6a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12a429efe48683c15a5c76c3e63b5e6a.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3ab0ee388c972cc6e2c2003d9be8a8dd878fb6028257ffac6111362a1c7452d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12a429efe48683c15a5c76c3e63b5e6a.jpg
age
4256778
edge-cache-tag
319579086768286949893090376377078973833,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
319579086768286949893090376377078973833,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
143
expiration
expiry-date="Tue, 17 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ads.taboola.com/
content-length
10102
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kiad7000069-IAD, cache-iad-kcgs7200124-IAD, cache-fra-etou8220103-FRA
last-modified
Sat, 16 Sep 2023 16:01:59 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=13612,owidth=804,oheight=400,obytes=91788
x-timer
S1705507744.127614,VS0,VE1
etag
"5a8b39bdfa5d11f80d23dd7627f7144e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 3, 1
f489b829-2efd-463f-b2e8-bbd12df1d5c1__vl0p3EEs.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f489b829-2efd-463f-b2e8-bbd12df1d5c1__vl0p3EEs.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f8789be6fecc9a96c3d3d6c73d5df021870ba7b31a72d7e8addb11ff88ca7419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f489b829-2efd-463f-b2e8-bbd12df1d5c1__vl0p3EEs.jpg
age
3319619
edge-cache-tag
610116397495238388815170070626688038616,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
610116397495238388815170070626688038616,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
175
expiration
expiry-date="Sun, 31 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.portafolio.co/
content-length
9322
x-served-by
cache-iad-kiad7000022-IAD, cache-iad-kjyo7100020-IAD, cache-lax-kwhp1940034-LAX, cache-iad-kiad7000157-IAD, cache-fra-etou8220103-FRA
last-modified
Thu, 30 Nov 2023 20:50:41 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=13814,owidth=1999,oheight=1329,obytes=201228
x-timer
S1705507744.127340,VS0,VE1
etag
"81dfd411fbaa0dcf8b4a6987746eba08"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 20, 1
presma-police-reports_3799910_20240115072805.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x354/0c52/480d250/none/11808/LHTR/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x354/0c52/480d250/none/11808/LHTR/presma-police-reports_3799910_20240115072805.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3e7b6b79d1d8ee931d157927f8e653279a8b72ec7b4b2fce43683a02229000f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x354/0c52/480d250/none/11808/LHTR/presma-police-reports_3799910_20240115072805.jpg
age
228173
edge-cache-tag
499555348070285639489673346275777810694,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
499555348070285639489673346275777810694,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
606
req-referer
https://taboolanews.com/article-page/-3058355430102093185?utm_source=taboola&utm_medium=taboola_news&dc_data=18690271_vivo-search-malaysia-english&abv=tn_default_tn_top_aggs&rccv=default-1
content-length
13200
x-request-id
f1208c00f1dbd78d13f16deb5963807c
x-served-by
cache-iad-kiad7000138-IAD, cache-iad-kjyo7100048-IAD, cache-iad-kjyo7100172-IAD, cache-fra-etou8220103-FRA
last-modified
Sun, 14 Jan 2024 23:32:28 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=18592,owidth=480,oheight=250,obytes=28740,ef=(1,13,17,23,30)
x-timer
S1705507744.127313,VS0,VE1
etag
"471333191e717125ffbf43683f5276ef"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3, 1
a18eec48eb58998c8bf2704e1217898c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a18eec48eb58998c8bf2704e1217898c.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee052f31434a58a1ab8ba03cc8d6855f92333384310d58c7da919f70ca514b32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a18eec48eb58998c8bf2704e1217898c.png
age
2789593
edge-cache-tag
414138139010776216537844841893821256316,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
cache-tag
414138139010776216537844841893821256316,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
40
expiration
expiry-date="Sun, 07 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fanatik.com.tr/
content-length
10688
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100138-IAD, cache-ewr18160-EWR, cache-iad-kcgs7200081-IAD, cache-fra-etou8220103-FRA
last-modified
Thu, 07 Dec 2023 11:07:04 GMT
server
nginx
surrogate-reporting
width=240,height=200,bytes=14784,owidth=1920,oheight=1080,obytes=3763679
x-timer
S1705507744.127283,VS0,VE2
etag
"48c07018bb665f21625e92b194788a45"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 16, 1
pk01-17012024-mahkamah_3808792_20240117173031.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x351/0c51/480d250/none/11808/DXXL/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x351/0c51/480d250/none/11808/DXXL/pk01-17012024-mahkamah_3808792_20240117173031.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
693e102d7c8e34fc497f3172a2010feae6d5509babdc4d9d22c627b38072d2a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x351/0c51/480d250/none/11808/DXXL/pk01-17012024-mahkamah_3808792_20240117173031.jpg
age
23570
edge-cache-tag
431712340514197053425715197196746355126,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
431712340514197053425715197196746355126,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
548
req-referer
https://thesun.my/
content-length
6996
x-request-id
d7da9937b1f84d7f66e59d4d009bb61c
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kcgs7200094-IAD, cache-lga21969-LGA, cache-iad-kiad7000025-IAD, cache-fra-etou8220103-FRA
last-modified
Wed, 17 Jan 2024 09:35:47 GMT
server
nginx
surrogate-reporting
width=300,height=250,bytes=10712,owidth=480,oheight=250,obytes=16026,ef=(1,13,17,23,30)
x-timer
S1705507744.143491,VS0,VE2
etag
"69e31657bad68faf0e5723732f092f0b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
whatsapp-image-2024-01-15-at-15-21-26-3b4054b9_3801928_20240115155827.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x480/1c85/480d250/none/11808/ISWI/
32 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x480/1c85/480d250/none/11808/ISWI/whatsapp-image-2024-01-15-at-15-21-26-3b4054b9_3801928_20240115155827.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0aa9e20eb139653a669332f164e1db0cfa7efce8e65b1767a44421c9b9bf4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
106
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x480/1c85/480d250/none/11808/ISWI/whatsapp-image-2024-01-15-at-15-21-26-3b4054b9_3801928_20240115155827.jpg
age
195928
edge-cache-tag
336478942932219774368726184454179394469,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
336478942932219774368726184454179394469,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
904
req-referer
https://thesun.my/
content-length
32744
x-request-id
ecc04ebf6e367e3dcd948d14c65429c4
x-served-by
cache-iad-kiad7000145-IAD, cache-iad-kjyo7100130-IAD, cache-lax-kwhp1940033-LAX, cache-iad-kiad7000085-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 08:03:41 GMT
server
nginx
surrogate-reporting
width=1260,height=630,bytes=57935,owidth=480,oheight=250,obytes=17314,ef=(1,13,17,23,30)
x-timer
S1705507744.145087,VS0,VE106
etag
"97ee6ea9bbe280503c61997dc5b1aec0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 1, 0
untitled-design-2024-01-15t153232-266_3802674_20240115180009.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/YDHV/
53 KB
54 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/YDHV/untitled-design-2024-01-15t153232-266_3802674_20240115180009.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e773fec2e08baf2f3853d290a740be45d9700a208a619021934a3c60801e790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
106
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/YDHV/untitled-design-2024-01-15t153232-266_3802674_20240115180009.png
age
138234
edge-cache-tag
399721038253376080802163975823093746140,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
399721038253376080802163975823093746140,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1801
req-referer
https://thesun.my/
content-length
54618
x-request-id
244670f75b34615fd3d4cffa6cb4a923
x-served-by
cache-iad-kcgs7200028-IAD, cache-iad-kcgs7200129-IAD, cache-lga21966-LGA, cache-iad-kiad7000061-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 10:03:27 GMT
server
nginx
surrogate-reporting
width=1260,height=630,bytes=84950,owidth=480,oheight=250,obytes=320267,ef=(1,13,17,23,30)
x-timer
S1705507744.145484,VS0,VE106
etag
"a31ca06e74371b106fde20dff3480ba4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 0
kl03-04102023-mahkamah-1_3806902_20240116220316.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/0c0/480d250/none/11808/XTOV/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/0c0/480d250/none/11808/XTOV/kl03-04102023-mahkamah-1_3806902_20240116220316.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
051b1cb88ffa0a40cad90fb5652eab8866ff72cd05d8c7763cf46b56577734a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/0c0/480d250/none/11808/XTOV/kl03-04102023-mahkamah-1_3806902_20240116220316.jpg
age
76529
edge-cache-tag
295193414388540639135498964193679620684,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
295193414388540639135498964193679620684,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1328
req-referer
https://thesun.my/
content-length
25904
x-request-id
7d1a35d453f8dba32859243d64be2190
x-served-by
cache-iad-kiad7000114-IAD, cache-iad-kiad7000053-IAD, cache-lga21933-LGA, cache-iad-kcgs7200174-IAD, cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 14:08:12 GMT
server
nginx
surrogate-reporting
width=1260,height=630,bytes=48511,owidth=480,oheight=250,obytes=15054,ef=(1,13,17,23,30)
x-timer
S1705507744.145493,VS0,VE92
etag
"25fd202f785b1754065d2f8913e66192"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 6, 0
kl19-15012024-ponggal_3802705_20240115180155.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/1c0/480d250/none/11808/MYQK/
40 KB
41 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/1c0/480d250/none/11808/MYQK/kl19-15012024-ponggal_3802705_20240115180155.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8bffb9d8bd43de44cc1dc1f5eb082ff3c5a9e66d2398e40bbb4ec5ea5a8c428a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x321/1c0/480d250/none/11808/MYQK/kl19-15012024-ponggal_3802705_20240115180155.jpg
age
165750
edge-cache-tag
428212283611545236091831274367636980936,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
428212283611545236091831274367636980936,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1159
req-referer
https://thesun.my/
content-length
41250
x-request-id
7b8e684a75a13fead5fdcac2e6b8e78c
x-served-by
cache-iad-kjyo7100176-IAD, cache-iad-kcgs7200026-IAD, cache-lga21961-LGA, cache-iad-kjyo7100096-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 10:03:25 GMT
server
nginx
surrogate-reporting
width=1260,height=630,bytes=68844,owidth=480,oheight=250,obytes=20805,ef=(1,13,17,23,30)
x-timer
S1705507744.146098,VS0,VE92
etag
"1b1086405da2b92975d2c83fcac80cab"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 0
untitled-design-2024-01-15t142415-616_3801478_20240115150958.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/VDHV/
26 KB
27 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/VDHV/untitled-design-2024-01-15t142415-616_3801478_20240115150958.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b41bd12003814e69c0fd0fb82bf2e9c7f52424507d9fab42ee9f6f3923d11e23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
98
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/500x250/10c0/480d250/none/11808/VDHV/untitled-design-2024-01-15t142415-616_3801478_20240115150958.png
age
202403
edge-cache-tag
543655390469788148249155303067493466764,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
543655390469788148249155303067493466764,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
2901
req-referer
https://thesun.my/
content-length
26640
x-request-id
4a66e11f715565fbc6d5f541616b535c
x-served-by
cache-iad-kcgs7200050-IAD, cache-iad-kcgs7200177-IAD, cache-lax-kwhp1940072-LAX, cache-iad-kcgs7200143-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 07:15:36 GMT
server
nginx
surrogate-reporting
width=480,height=240,bytes=22230,owidth=480,oheight=250,obytes=315846,ef=(1,13,17,23,30)
x-timer
S1705507744.146090,VS0,VE98
etag
"9ea7b81db74ca2a1cde1089ec9e8f06b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 7, 0
6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
37 KB
38 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e1ec6a3c61a7364f67590dc873dfd7b1cf684800963b6f5ed0d2dbc0a830a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age
2491964
edge-cache-tag
321194619511491062242132839077726262353,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
321194619511491062242132839077726262353,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
335
req-referer
https://www.t-online.de/
content-length
37920
x-request-id
c793467015b1bdc078af6af94dbb7ac1
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kjyo7100116-IAD, cache-lga21937-LGA, cache-iad-kjyo7100124-IAD, cache-fra-etou8220103-FRA
last-modified
Thu, 02 Nov 2023 12:52:38 GMT
server
nginx
surrogate-reporting
width=1999,height=1110,bytes=139265,owidth=1999,oheight=1249,obytes=185477
x-timer
S1705507744.169704,VS0,VE2
etag
"23df71d69a6a0c73dd1cd5aec68f4d74"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 0, 1
4c9ebf78f489cc1f36ea940471bf6759.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
42 KB
43 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c9ebf78f489cc1f36ea940471bf6759.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f78d287b6f09ec1d12a4d7441180fd68c3b170e0c62317a0aabcaf6631d14827

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c9ebf78f489cc1f36ea940471bf6759.jpg
age
2893244
edge-cache-tag
378865896203961626020577872561160218257,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
378865896203961626020577872561160218257,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
203
req-referer
https://www.derwesten.de/
content-length
42996
x-request-id
e1acd793fae768d980482439f1bb8809
x-served-by
cache-iad-kjyo7100056-IAD, cache-iad-kiad7000050-IAD, cache-lga21967-LGA, cache-iad-kjyo7100124-IAD, cache-fra-etou8220103-FRA
last-modified
Thu, 07 Dec 2023 13:05:49 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=88463,owidth=1000,oheight=600,obytes=290002
x-timer
S1705507744.184207,VS0,VE1
etag
"ed9c07ff3ca0ddddc4d02cdb01c56477"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
france-overseas-la-reunion-weather-cyclone-belal-112101_3803704_20240115213456.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/AXKC/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/AXKC/france-overseas-la-reunion-weather-cyclone-belal-112101_3803704_20240115213456.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e5b1213f49ab58534490188196fc12a7c6be2c062d24bf31203a635058996c8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/AXKC/france-overseas-la-reunion-weather-cyclone-belal-112101_3803704_20240115213456.jpg
age
181699
edge-cache-tag
318829159344458166391943252540214043979,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
318829159344458166391943252540214043979,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
723
req-referer
https://thesun.my/
content-length
17002
x-request-id
687007b9cf2754cf92943b774875ecbf
x-served-by
cache-iad-kiad7000099-IAD, cache-iad-kjyo7100062-IAD, cache-lga21970-LGA, cache-iad-kjyo7100123-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 13:39:44 GMT
server
nginx
surrogate-reporting
width=449,height=250,bytes=13139,owidth=480,oheight=250,obytes=14723,ef=(1,13,17,23,30)
x-timer
S1705507744.207107,VS0,VE89
etag
"993da6957c4f4fce313c0fa6094d38bc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 10, 0
presma-police-reports_3799910_20240115072805.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x354/0c52/480d250/none/11808/LHTR/
37 KB
38 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x354/0c52/480d250/none/11808/LHTR/presma-police-reports_3799910_20240115072805.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f3a21b94730cfdb31d07af19fb375d60f58deebda84da82411b7ea2ffae1538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
96
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x354/0c52/480d250/none/11808/LHTR/presma-police-reports_3799910_20240115072805.jpg
age
232514
edge-cache-tag
499555348070285639489673346275777810694,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
499555348070285639489673346275777810694,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
614
req-referer
https://thesun.my/
content-length
37540
x-request-id
5ba1b795d39ab4c8bb878e5e60f713e7
x-served-by
cache-iad-kcgs7200089-IAD, cache-iad-kjyo7100150-IAD, cache-ewr18145-EWR, cache-iad-kiad7000071-IAD, cache-fra-etou8220103-FRA
last-modified
Sun, 14 Jan 2024 23:32:28 GMT
server
nginx
surrogate-reporting
width=449,height=250,bytes=27874,owidth=480,oheight=250,obytes=28740,ef=(1,13,17,23,30)
x-timer
S1705507744.291044,VS0,VE96
etag
"135e1c55ac78e5c6541adce7783d8e2b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 20, 0
pk01-17012024-mahkamah_3808792_20240117173031.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x351/0c51/480d250/none/11808/DXXL/
17 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x351/0c51/480d250/none/11808/DXXL/pk01-17012024-mahkamah_3808792_20240117173031.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ac8d06870be3a22f2f5e8be165018750d04e81f201747889d94788bc7d233f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x351/0c51/480d250/none/11808/DXXL/pk01-17012024-mahkamah_3808792_20240117173031.jpg
age
22257
edge-cache-tag
431712340514197053425715197196746355126,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
431712340514197053425715197196746355126,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
1019
req-referer
https://thesun.my/
content-length
16970
x-request-id
b4ae24ff9fe6be987549ff4893104a8d
x-served-by
cache-iad-kjyo7100038-IAD, cache-iad-kiad7000132-IAD, cache-lax-kwhp1940050-LAX, cache-iad-kjyo7100118-IAD, cache-fra-etou8220103-FRA
last-modified
Wed, 17 Jan 2024 09:35:47 GMT
server
nginx
surrogate-reporting
width=449,height=250,bytes=15294,owidth=480,oheight=250,obytes=16026,ef=(1,13,17,23,30)
x-timer
S1705507744.291031,VS0,VE92
etag
"9c3c1a8f6f2ea48b68765d3e37c9a41f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 4, 0
4ad00gma_3807358_20240117073813.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x369/0c0/480d250/none/11808/ABOJ/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x369/0c0/480d250/none/11808/ABOJ/4ad00gma_3807358_20240117073813.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
171a1d48baf3c3548f653d4e06c7f2ac816da0aa587cbcb152f3b73034dc1cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
91
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x369/0c0/480d250/none/11808/ABOJ/4ad00gma_3807358_20240117073813.jpg
age
59183
edge-cache-tag
401902450950132572007750718022919221209,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
401902450950132572007750718022919221209,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
591
req-referer
https://thesun.my/
content-length
25938
x-request-id
1c1b30dd2ea0c00247a209d6fbad43d2
x-served-by
cache-iad-kiad7000118-IAD, cache-iad-kcgs7200132-IAD, cache-lga21951-LGA, cache-iad-kcgs7200177-IAD, cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 23:42:41 GMT
server
nginx
surrogate-reporting
width=449,height=250,bytes=16139,owidth=480,oheight=250,obytes=15871,ef=(1,13,17,23,30)
x-timer
S1705507744.301711,VS0,VE91
etag
"1d2185f4bc93e03f65233ee061cfc3c6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3, 6, 0
imgonline-com-ua-twotoone-zuj0jnlqyby6iv1_3804220_20240116105634.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x404/0c147/480d250/none/11808/TIJH/
52 KB
53 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x404/0c147/480d250/none/11808/TIJH/imgonline-com-ua-twotoone-zuj0jnlqyby6iv1_3804220_20240116105634.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d93c365c5555a6ad59e69530c20607440b8009b1eb1b5d30f42e165107c8616d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x404/0c147/480d250/none/11808/TIJH/imgonline-com-ua-twotoone-zuj0jnlqyby6iv1_3804220_20240116105634.jpg
age
132838
edge-cache-tag
556968074012541107954302544930131036483,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
556968074012541107954302544930131036483,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
581
req-referer
https://thesun.my/
content-length
52982
x-request-id
04f128e295df227110dc49883ef23ac1
x-served-by
cache-iad-kjyo7100152-IAD, cache-iad-kiad7000157-IAD, cache-lga21968-LGA, cache-iad-kcgs7200161-IAD, cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 02:59:41 GMT
server
nginx
surrogate-reporting
width=449,height=250,bytes=24964,owidth=480,oheight=250,obytes=26934,ef=(1,13,17,23,30)
x-timer
S1705507744.315796,VS0,VE94
etag
"74cad8f8a45e762ce3b2de74ccaf7c31"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 7, 0
434fc2aec9c0fc1e01dbd020427d0bd2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95f6b74dff3c2ff6913590cdb45b955528e9771e813f90799da66708c45ab260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
age
2670342
edge-cache-tag
557826513005111748038710872403493155354,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
557826513005111748038710872403493155354,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
569
req-referer
https://www.tag24.de/
content-length
20222
x-request-id
4940edcd04c9274107f29a723fde41d1
x-served-by
cache-iad-kiad7000030-IAD, cache-iad-kiad7000142-IAD, cache-iad-kiad7000108-IAD, cache-fra-etou8220103-FRA
last-modified
Sun, 03 Sep 2023 14:48:47 GMT
server
nginx
x-timer
S1705507744.349528,VS0,VE0
etag
"1719ad11d717fb702d34224cd475efd5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 118, 2
c8c118b69e382497c7b19dc13938daee.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
82 KB
83 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c118b69e382497c7b19dc13938daee.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4df769208278724f884dd039f76860f619d97f908d6c910483ff2e9ff2af1c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c118b69e382497c7b19dc13938daee.png
age
175699
edge-cache-tag
494610017814832197978773690907988368707,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
494610017814832197978773690907988368707,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
263
req-referer
https://www.t-online.de/
content-length
83900
x-request-id
879c438cf7113ef0cfd5d99d55dbf630
x-served-by
cache-iad-kcgs7200153-IAD, cache-iad-kiad7000179-IAD, cache-lax-kwhp1940025-LAX, cache-iad-kiad7000106-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 15:20:44 GMT
server
nginx
surrogate-reporting
width=1071,height=595,bytes=141120,owidth=1071,oheight=600,obytes=1301137,ef=(1,13,17,23,30)
x-timer
S1705507744.377173,VS0,VE2
etag
"896b4f314da9f0365a6b3cbd55181e17"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
court-afp_3809111_20240117182610.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/SDGA/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/SDGA/court-afp_3809111_20240117182610.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ab560b2054c261dbecc0c28aec8c9c9dfdbcbd25f3328405e93629853b61ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x320/0c35/480d250/none/11808/SDGA/court-afp_3809111_20240117182610.jpg
age
18848
edge-cache-tag
348989212685078170529043372594269794548,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
348989212685078170529043372594269794548,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
810
req-referer
https://thesun.my/
content-length
17838
x-request-id
25c7ddf843fc72d28c3e3f72c6a951c7
x-served-by
cache-iad-kjyo7100020-IAD, cache-iad-kcgs7200083-IAD, cache-lga21930-LGA, cache-iad-kiad7000129-IAD, cache-fra-etou8220103-FRA
last-modified
Wed, 17 Jan 2024 10:30:23 GMT
server
nginx
surrogate-reporting
width=449,height=250,bytes=11668,owidth=480,oheight=250,obytes=12240,ef=(1,13,17,23,30)
x-timer
S1705507744.402503,VS0,VE92
etag
"7760e8dcb7e2f88aa75e73d83814edda"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 3, 0
judge-gavel-309290-20190415161029-1027304-20200318100109_3802885_20240115183324.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x270/0c10/480d250/none/11808/VPJS/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x270/0c10/480d250/none/11808/VPJS/judge-gavel-309290-20190415161029-1027304-20200318100109_3802885_20240115183324.jpg
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e95a96223d20389eec4b2e191950f84fa5e14acdb98dcce20337c1cbd38df13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
91
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thesun.my/binrepository/480x270/0c10/480d250/none/11808/VPJS/judge-gavel-309290-20190415161029-1027304-20200318100109_3802885_20240115183324.jpg
age
192605
edge-cache-tag
562787608620600323853411093083018925101,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
562787608620600323853411093083018925101,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
649
req-referer
https://thesun.my/
content-length
22536
x-request-id
b6d2bc54a8b94fe2f04c45c7c6cfe4b9
x-served-by
cache-iad-kjyo7100160-IAD, cache-iad-kiad7000038-IAD, cache-lga21966-LGA, cache-iad-kiad7000051-IAD, cache-fra-etou8220103-FRA
last-modified
Mon, 15 Jan 2024 10:36:59 GMT
server
nginx
surrogate-reporting
width=449,height=250,bytes=13862,owidth=480,oheight=250,obytes=14854,ef=(1,13,17,23,30)
x-timer
S1705507744.406475,VS0,VE91
etag
"be101cab239ed2f443d6313de866ad15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 11, 0
/
avd.innity.com/dc/cb/ Frame E92D
59 B
548 B
Script
General
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
1aba0ac1c69bba2a8057b9e9564b302bdcbd059b864e8f370874220e3d0af8ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6A23
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIFxKnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa8-DybtT9EBoj_NxVaNV_2awDYVaJGXwrmAatDqdwrqzwOJx-IDJ4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwOACgP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwGyFxwKGhIUcHViLTY0ODAwNTQ0ODA0Nzg4NDAYv8QS&sigh=kmMUSQTh6d8&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_bALN9Z7Q7P53cm2WnOLuch84gAHthy6vUpDWpYqIqOKrBgxMTvGv49qMht-E32MCqLW5rYWY3YEMIAl0lDHJwWZE2BV0Rzz28EsYAQ&cbvp=2&vis=1
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 6A23
0
126 B
Image
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGMc1rAL6AZ2DYgICAAAAtaA-fJ93vC4JOY7bEJ37p2VQV_pBWSCp-ZfAAAASAAAKCkFRVUJEd0VCRHc&wp=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&cbvp=2
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
157777
server
Kestrel
content-length
0
css
fonts.googleapis.com/
100 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-Hs0eiopJhgDZxv-jwMMm8fYViw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 16:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 16:09:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 16:09:04 GMT
6xgDWorMv7FtBtHcjkWAYK_Odjo-ASTEIOwBQ8h7EyvwzpUmMpv8_JP8jrk9anr1oWEsZvgA6jDDxamO3ewyO7EUQQd31YiK0u63Qxn3_QwTSarLDHa3=h60
lh3.googleusercontent.com/
2 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/6xgDWorMv7FtBtHcjkWAYK_Odjo-ASTEIOwBQ8h7EyvwzpUmMpv8_JP8jrk9anr1oWEsZvgA6jDDxamO3ewyO7EUQQd31YiK0u63Qxn3_QwTSarLDHa3=h60
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
abe835f857e3a5616be778b677a40f00b692bec42b5cb6bd742577790d82cf38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 13:28:18 GMT
x-content-type-options
nosniff
age
9646
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2401
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Jan 2024 13:28:18 GMT
innity.js
media.innity.net/lib/ Frame 1DF5
4 KB
2 KB
Script
General
Full URL
https://media.innity.net/lib/innity.js
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4c7c9bd6608d86b9f67977d25e645cb5d4e5ef8ba95de2a3d719c8de7e3347d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Mon, 08 Jan 2024 02:04:21 GMT
Server
Apache
ETag
"11d3-60e659dba9340-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1114
Expires
Thu, 18 Jan 2024 16:09:04 GMT
proxy_270195.js
media.innity.net/adnetwork/house/pub_4428/ Frame 1DF5
2 KB
2 KB
Script
General
Full URL
https://media.innity.net/adnetwork/house/pub_4428/proxy_270195.js?ord=[timestamp]
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0cde4e89ccb69aea1f97b22b1fb50a34393079f8677ac5670faec1ced2a9267e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Sat, 06 Jun 2020 11:47:05 GMT
Server
Apache
ETag
"9f8-5a768efcb6981-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1087
Expires
Wed, 17 Jan 2024 16:39:04 GMT
supply-feature
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%221356.5%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A09%3A04.196&id=5544&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/
20 KB
988 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 16:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:20:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 16:09:04 GMT
spa-detector.20240116-10-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20240116-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9166f512c27a1b68e880e4837eb3ce7291e8699d5c214cc1699cc181efd11699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
QBk7W0XwyTIDeSGsqPamK.AR357iBD1i
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:04 GMT
x-amz-request-id
KVBNEFW2N3XRV01H
age
103364
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
LRyNwvfTTOXdG1Dwe0KRC8iC5h4R37VYH/Qq4lUXjtBu5WO2J24BUZ8/xGtGSaeHqVkzbqcfnrU=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Tue, 16 Jan 2024 11:26:20 GMT
server
AmazonS3
x-timer
S1705507744.273131,VS0,VE0
etag
"919005e62bafe6a76516c8e6ab1ac7f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
82787
supply-feature
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A09%3A04.206&id=6905&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1705507744209%7D&tim=17%3A09%3A04.209&id=8831&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A09%3A04.211&id=1696&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
theSun-logo-NEW.png
s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/MastHead/
6 KB
6 KB
Image
General
Full URL
https://s3.ap-southeast-1.amazonaws.com/thesun-epaper.com/images/MastHead/theSun-logo-NEW.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.40.37 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
56bb17daa81fb37aab5dc53cee8886f9d7676490058e430f249b138a4485a6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:05 GMT
Last-Modified
Fri, 17 Nov 2023 20:14:00 GMT
Server
AmazonS3
x-amz-request-id
RH6MG9D50DS0S6NM
ETag
"6632f7279c46768e41538e5d276bb2ec"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5676
x-amz-id-2
EYow3ypwDFfLnZ2i5okKrogrYaU0MjJLouUynA0k8jUroAZWsLAh8ZeHw78lfvL68t3B6TQ8ejI=
6a3c83769a5542d0e8d718945472e1fd.png
www.thesundaily.my/base-portlet/webrsrc/theme/
171 KB
172 KB
Image
General
Full URL
https://www.thesundaily.my/base-portlet/webrsrc/theme/6a3c83769a5542d0e8d718945472e1fd.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
a600ef03752b6b35f4e7b8aaecf122b8a29c2d5e5be5dda1466e64ca2bdae52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
server
nginx/1.14.0
etag
"5c953150"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
175568
expires
Fri, 03 Jan 2025 03:35:17 GMT
1356918d4f0b1a1dc442556ee21ba521.png
www.thesundaily.my/base-portlet/webrsrc/theme/
540 B
799 B
Image
General
Full URL
https://www.thesundaily.my/base-portlet/webrsrc/theme/1356918d4f0b1a1dc442556ee21ba521.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
480c1b1d6d8bd16724ea60900ff424216ca8ba42cfc1133bdcd4197e7254dc35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
server
nginx/1.14.0
etag
"b1a79459"
content-type
image/png;charset=UTF-8
access-control-allow-origin
https://thesun.my
filter-class
com.liferay.portal.servlet.filters.header.HeaderFilter
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
540
expires
Fri, 03 Jan 2025 03:35:35 GMT
abtests
am-trc-events.taboola.com/thesundaily/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=-48&tvi50=14585&lti=deflated&ri=4c374e069b71d31685197824f089b651&sd=v2_d003a1a7b4e62cf629ea94da5b983763_3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f_1705507743_1705507743_CNawjgYQ3ZxAGMrNu8HRMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABom8ObpKOcg8HSAXAA&ui=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&pi=/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-gb10007463&wi=3778921354002047568&pt=text&vi=1705507743434&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1705507744215%7D&tim=17%3A09%3A04.215&id=4981&llvl=2&cv=20240116-10-RELEASE&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 00:41:53 GMT
x-content-type-options
nosniff
age
55631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 00:41:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:23:33 GMT
x-content-type-options
nosniff
age
49531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:23:33 GMT
AGSKWxV9s6__7UHrpdXleuQgUOBZ8Y2TZ6vJ660Ap-LAzDz1W7y4tgW5klCAFW7P-FcOhGCllbDfAI5vcA-5V1tM24jppt6n9CSe1Gz8CmRnrg9-_7Bga9Ui4dWKt8F9XRfsnTqqn4OLIg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV9s6__7UHrpdXleuQgUOBZ8Y2TZ6vJ660Ap-LAzDz1W7y4tgW5klCAFW7P-FcOhGCllbDfAI5vcA-5V1tM24jppt6n9CSe1Gz8CmRnrg9-_7Bga9Ui4dWKt8F9XRfsnTqqn4OLIg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LIqc41BJ5a0.es5.O/am=wA/d=1/rs=AJlcJMyuHDquIDjtBjzFOiABIt8N5YwY7Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rMkyv0dddFsEAlRUFAIKwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-rMkyv0dddFsEAlRUFAIKwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bulk-metrics
am-trc-events.taboola.com/thesundaily/log/3/
0
242 B
XHR
General
Full URL
https://am-trc-events.taboola.com/thesundaily/log/3/bulk-metrics?tvi2=-2&tvi48=-48&tvi50=14585&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://thesun.my
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 553D
147 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: media.innity.net
URL: https://media.innity.net/adnetwork/house/pub_4428/proxy_270195.js?ord=[timestamp]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fa47026d3afc76b533ac561e32b215eebec21111ecf09633e1ed97aa4a3af35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51106
x-xss-protection
0
server
cafe
etag
3134027090178419068
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:04 GMT
container_576b5a051c51b1c0244bca09.js
ssl-avd.innity.net/1/ Frame E724
11 KB
4 KB
Script
General
Full URL
https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.24.0 /
Resource Hash
fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 07:45:31 GMT
Server
nginx/1.24.0
ETag
"6528f59b-2aa5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2395889
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3678
Expires
Wed, 14 Feb 2024 09:40:33 GMT
analytics.js
cdn.innity.net/ Frame 1DF5
301 B
547 B
Script
General
Full URL
https://cdn.innity.net/analytics.js
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 08:05:30 GMT
Server
Apache
ETag
"12d-606df78894680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
175
Expires
Thu, 18 Jan 2024 16:09:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1DF5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV17eiATQIbCZl4yckPx9kmWwoU-BBigBvucstzH8J3uNzN56_iJaZR7eAt_jTTEgaViQOMgi67TK-LeWmXTCiElN11quKLQwV7UbWWymMRVP2_YpF_-PiVprKr2gU8g8PNpL74KW2hct3ZnTOKonEIXaj5yhIFXdr-xwN7-zY7TmZkARsRrk7-BwZEgqVFihySlCzVeYpELS6qcapWrLHa-hsn9LUHz74yDYj0S6u2hJV1kEqFvtCXoetYLMlRjYmhzw6FnMAR_Y7E12HEk7TewDJpo9kd91e-o4eBUhKXokJ4ebfBBLrozNfJV_BYj7nhZU7gYE&sai=AMfl-YRDfNfjG4TCw_cQyd3LNKtQ_ObTPc7ASxaPOomWjNWN7eJPj6zdZo3JqqOzLN4G8QLE7aa81_7mfuq4X_-CyfJrHyneIJ1tbTdVp8rVVPOl4jMwrVeNo2Ivb3LPmvujO058aEUHg44d7KbNKcz-cWNO&sig=Cg0ArKJSzHFd0xy_23qtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 16:09:04 GMT
truncated
/ Frame 1DF5
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f6d89ed748d2b8e1b25ae5f59d8a5109c8da9084c7131c510cffabeee01c738

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
/
avd.innity.com/dc/ Frame C5F5
0
91 B
Image
General
Full URL
https://avd.innity.com/dc/?cl=0&cuid=eee5a53396bec803fac54f48b9927b16&cb=1705507744377&douid=&sess=100861973.0.1705507744376&dur=0&ref=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&srf=&pk=&pt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
close
Cache-Control
no-cache
Content-Type
text/html
/
avd.innity.com/sync/ Frame C5F5
43 B
452 B
Image
General
Full URL
https://avd.innity.com/sync/?partner=innity&token=eee5a53396bec803fac54f48b9927b16&type=cookie&itmcb=1705507744377
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
optimize.innity.com/ Frame 1DF5
43 B
452 B
Image
General
Full URL
https://optimize.innity.com/?pubid=4428&zoneid=65662&cb=1705507744492
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
optimize2.innity.com/ Frame 1DF5
43 B
347 B
Image
General
Full URL
https://optimize2.innity.com/?pubid=4428&zoneid=65662&cb=1705507744492
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.250.11.143 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/ PHP/8.2.5
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:04 GMT
last-modified
Wed, 17 Jan 2024 16:09:04 GMT
x-powered-by
PHP/8.2.5
content-type
image/gif
p3p
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sat, 03 Sep 1983 02:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ Frame 553D
402 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6999968698827395&plah=b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com&bust=31080431
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fce7c7ff4d31caeb48fe0f8ca462df64dbf03dcac8251d26145691c69ff637f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139514
x-xss-protection
0
server
cafe
etag
13815686979537348434
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:04 GMT
dc.js
avd.innity.net/lib/ Frame E724
20 KB
7 KB
Script
General
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.212.201.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-53.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.2
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1338522
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Fri, 02 Feb 2024 03:57:46 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ Frame E724
7 KB
3 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:12:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117844
accept-ranges
bytes
content-length
2416
expires
Fri, 19 Jan 2024 00:53:08 GMT
/
avd.innity.com/uidsync/init/ Frame 826A
43 B
452 B
Image
General
Full URL
https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1705507744598
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
sync
x.bidswitch.net/ Frame 826A
Redirect Chain
  • https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1705507744598
  • https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:04 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Location
https://x.bidswitch.net/sync?ssp=innity&user_id=eee5a53396bec803fac54f48b9927b16
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
st
imprammp.taboola.com/ Frame 5120
422 B
382 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&cmcv=&pix=undefined&cb=1705507744629&uv=3373&tms=1705507744629&abt=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e44a44c4-e029-49ab-a6fb-4ac51fd65c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14d67cad17c9d33c7df93cc69cbb4d5244f3b7d8d8cdb4b4055b1628dcd5e65b

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 17 Jan 2024 16:09:04 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220103-FRA
x-timer
S1705507745.642968,VS0,VE10
sync
am-match.taboola.com/ Frame C3D7
422 B
507 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
14d67cad17c9d33c7df93cc69cbb4d5244f3b7d8d8cdb4b4055b1628dcd5e65b

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 17 Jan 2024 16:09:04 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
744 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705507744643&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1589&pt=1858615343&tz=60&viewable=true&ddast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2995655&dpubid=168237&abtst=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fthesun.my&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5c75d583340c5c278c46b26f25874f7d767affba762bf08fdf18ba785011b6dc

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 17 Jan 2024 16:09:04 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1401
x-cache
MISS
x-served-by
cache-fra-etou8220103-FRA
pragma
no-cache
server
nginx
x-timer
S1705507745.660835,VS0,VE52
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&cmcv=&pix=31589837&cb=1705507744629&uv=3373&tms=1705507744629&abt=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1705507740840.9!ts:1705507744629&mntl=1
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
content-length
0
server
nginx
/
avd.innity.com/dc/ Frame E92D
0
91 B
Image
General
Full URL
https://avd.innity.com/dc/?cl=0&cuid=eee5a53396bec803fac54f48b9927b16&cb=1705507744650&douid=&sess=100861973.0.1705507744376&dur=0&ref=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&srf=&pk=&pt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
close
Cache-Control
no-cache
Content-Type
text/html
/
avd.innity.com/dc/cb/ Frame E724
59 B
548 B
Script
General
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
1aba0ac1c69bba2a8057b9e9564b302bdcbd059b864e8f370874220e3d0af8ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 16:09:05 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 606C
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161517
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 17 Jan 2024 16:09:04 GMT
expires
Fri, 19 Jan 2024 13:01:01 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5120
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&cmcv=&pix=undefined&cb=1705507744629&uv=3373&tms=1705507744629&abt=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e44a44c4-e029-49ab-a6fb-4ac51fd65c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5120
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&cmcv=&pix=undefined&cb=1705507744629&uv=3373&tms=1705507744629&abt=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e44a44c4-e029-49ab-a6fb-4ac51fd65c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7d46:bd77:a0a1:96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 5120
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&cmcv=&pix=undefined&cb=1705507744629&uv=3373&tms=1705507744629&abt=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e44a44c4-e029-49ab-a6fb-4ac51fd65c92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame C3D7
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C3D7
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7d46:bd77:a0a1:96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame C3D7
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_7_3/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_3/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1704535352
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
KVQD7FSG6JX32KJ3
age
972322
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1704535353
x-amz-meta-mode
33188
content-length
7921
x-amz-id-2
HxHP/FszP+YO130iB0p+93Sf0PAqAfn2wvVk2tGfiC+gIQCVvAlHNa3L0g0/xDdMaAtx55iASd8=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Sat, 06 Jan 2024 10:02:34 GMT
server
AmazonS3-br
x-timer
S1705507745.728499,VS0,VE0
etag
"f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
653935
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/33_7_3/infra/
378 KB
86 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
46fbda9a97367cc61046dd658da965a26275b1aa2ce7249a70fe1c53abd77396

Request headers

Referer
https://thesun.my/
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1704535308
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
KVQBJ1CXAHYRWK9Z
age
972322
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1704535309
x-amz-meta-mode
33188
content-length
87279
x-amz-id-2
q8w6Ncbev8d4nc0+ZaQAbZxKNcw4bvl+2tIiQznCK2KEfcCeK6YwgeJ+R2dEWIsdzStR72DqXOA=
x-served-by
cache-fra-etou8220078-FRA
last-modified
Sat, 06 Jan 2024 10:01:50 GMT
server
AmazonS3-br
x-timer
S1705507745.728373,VS0,VE0
etag
"1947fbc8bb0e083f25edcb980b3c2849"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
46628
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/
429 KB
81 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0ce49c63580738406cf9dde96aca7fd4590b863d0206d274178765078ba47049

Request headers

Referer
https://thesun.my/
Origin
https://thesun.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1705312862
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2QBZ8PJDS9KRM3NM
age
194810
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1705312875
x-amz-meta-mode
33188
content-length
82335
x-amz-id-2
eWxxWjWeJy9oSSsyi3kK39IGR5C0pvrb3UYjn/bLcskhw6i7KEo77NENhMjNDOgJi0e2OgXsaHk=
x-served-by
cache-fra-etou8220078-FRA
last-modified
Mon, 15 Jan 2024 10:01:16 GMT
server
AmazonS3-br
x-timer
S1705507745.834316,VS0,VE0
etag
"cdbb18503fee62a5fdd5ee5f4ace9925"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
158597
sync
am-match.taboola.com/ Frame 3751
422 B
507 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
14d67cad17c9d33c7df93cc69cbb4d5244f3b7d8d8cdb4b4055b1628dcd5e65b

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 17 Jan 2024 16:09:04 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&cmcv=&pix=&cb=1705507744803&uv=3373&tms=1705507744803&su=&abt=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://thesun.my/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 17 Jan 2024 16:09:04 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1326594
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-etou8220103-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1705507745.859554,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
494160
generic
match.adsrvr.org/track/cmf/ Frame 3751
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 3751
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7d46:bd77:a0a1:96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 3751
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
bulk
trc.taboola.com/thesundaily/log/3/
0
339 B
XHR
General
Full URL
https://trc.taboola.com/thesundaily/log/3/bulk?tvi2=-2&tvi48=-48&tvi50=14585&route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
date
Wed, 17 Jan 2024 16:09:05 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7392
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220103-FRA
pragma
no-cache
server
nginx
x-timer
S1705507745.037330,VS0,VE12
content-type
image/gif
access-control-allow-origin
https://thesun.my
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cmAdService.js
vidstat.taboola.com/vpaid/units/33_7_3/infra/
46 KB
12 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1704535345
date
Wed, 17 Jan 2024 16:09:05 GMT
via
1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
972321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1704535345
x-amz-meta-mode
33188
content-length
11556
x-served-by
cache-fra-etou8220103-FRA
last-modified
Sat, 06 Jan 2024 10:02:26 GMT
server
AmazonS3
x-timer
S1705507745.113653,VS0,VE0
etag
"395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
LSpxDgW8A_hZJ5Z9l1dsPchg2ABAbsUZLlTOpr0o2wxfJRgcDXJ2Ow==
x-cache-hits
647945
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
740 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 17 Jan 2024 16:09:05 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
15147
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1705507745.169245,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
56
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
9586
/
avd.innity.com/dc/ Frame E724
0
91 B
Image
General
Full URL
https://avd.innity.com/dc/?cl=0&cuid=eee5a53396bec803fac54f48b9927b16&cb=1705507745218&douid=&sess=100861973.0.1705507745217&dur=0&ref=https%3A%2F%2Fb5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&srf=&pk=&pt=&sr=1600x1200&ul=en-US&de=UTF-8&vp=728x90
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
close
Cache-Control
no-cache
Content-Type
text/html
/
avd.innity.com/sync/ Frame E724
43 B
452 B
Image
General
Full URL
https://avd.innity.com/sync/?partner=innity&token=eee5a53396bec803fac54f48b9927b16&type=cookie&itmcb=1705507745218
Requested by
Host: b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 16:09:05 GMT
Last-Modified
Wed, 17 Jan 2024 16:09:05 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
ats.js
anymind360.com/js/4542/
257 KB
51 KB
Script
General
Full URL
https://anymind360.com/js/4542/ats.js
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/be680d9447e50cf0335d07daaa542435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f49dd7cfb82a2228d646c8ec68e9c6c19dab3566655f196aef893b4134b3f7f6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 17 Jan 2024 04:55:02 GMT
date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
40444
x-guploader-uploadid
ABPtcPpZd8xAmxXrEDQS_psUaeZH3liEkquZWLdIQSrhpEFaKjLTX8Udg58pNsvUFDAl7YwtXPU
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
51327
x-served-by
cache-tyo11970-TYO, cache-fra-etou8220100-FRA
last-modified
Wed, 17 Jan 2024 04:55:01 GMT
server
UploadServer
x-timer
S1705507746.565520,VS0,VE1
etag
"2b10e648dcb181062d57ba0068fd3779"
vary
Accept-Encoding
x-goog-generation
1705467301518620
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Nw3X1w==, md5=KxDmSNyxgQYtV7oAaP03eQ==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
51327
accept-ranges
bytes
x-cache-hits
4, 1
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/be680d9447e50cf0335d07daaa542435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
/
Resource Hash
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:08:02 GMT
content-encoding
gzip
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
63
etag
W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
RWQEvVEgH39CPvV2NYReAKyFG1vqQz8ytutI1AdKI3oUAi3nUdSzqg==
fbevents.js
connect.facebook.net/en_US/
212 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 16:09:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
JhEBNN+nO/VX50hFwalhHbOU54BZaQrKZIfzhidSNUDv5sJfqhxGFZNJN++TdApatnpUhPcbYVbn70K+ZsyRjw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
thesundaily.js
propsid.b-cdn.net/gpt/
24 KB
7 KB
Script
General
Full URL
https://propsid.b-cdn.net/gpt/thesundaily.js
Requested by
Host: thesun.my
URL: https://thesun.my/base-portlet/webrsrc/theme/be680d9447e50cf0335d07daaa542435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SG1-868 /
Resource Hash
17fff0e8c08b18bc86d19894e2844e506c17c7c4d1bd379e028c08968a221a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
br
cdn-edgestorageid
868
cdn-storageserver
SG-561
cdn-cachedat
01/16/2024 10:04:44
cdn-pullzone
266288
last-modified
Fri, 27 Oct 2023 02:46:19 GMT
server
BunnyCDN-SG1-868
cdn-fileserver
630
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"653b247b-5eb3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
022eeb7f-01b5-4a33-8c9d-d5c55b7764e7
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
b5c35f4c8f3d8bb54957231fc2aa8c5a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
tr
www.facebook.com/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr?id=2418678745093464&ev=PageView&noscript=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 17 Jan 2024 16:09:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e6c8597ca3c472944eac5d26f4cd193e3e78257d74c5ecd4c4ab0f32fe81e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12452
x-xss-protection
0
pk01-17012024-mahkamah_3808812_20240117173245.jpg
thesun.my/binrepository/591x432/0c0/0d0/none/11808/SUVL/
27 KB
28 KB
Image
General
Full URL
https://thesun.my/binrepository/591x432/0c0/0d0/none/11808/SUVL/pk01-17012024-mahkamah_3808812_20240117173245.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
b703243393a0862dcc95f1433f3de1225a53ba10bca646ea1787473d3fa28c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
server
nginx/1.14.0
etag
"96b25cc"
content-type
image/jpeg
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
28143
expires
Thu, 16 Jan 2025 09:33:30 GMT
pk01-17012024-mahkamah_3808792_20240117173031.jpg
thesun.my/binrepository/591x432/0c0/0d0/none/11808/UUVL/
27 KB
28 KB
Image
General
Full URL
https://thesun.my/binrepository/591x432/0c0/0d0/none/11808/UUVL/pk01-17012024-mahkamah_3808792_20240117173031.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
b703243393a0862dcc95f1433f3de1225a53ba10bca646ea1787473d3fa28c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
server
nginx/1.14.0
etag
"96b25cc"
content-type
image/jpeg
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
28143
expires
Thu, 16 Jan 2025 09:31:08 GMT
/
ssfpc.thesundaily.my/am/4542/fpid/
0
457 B
XHR
General
Full URL
https://ssfpc.thesundaily.my/am/4542/fpid/
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
Google Frontend
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://thesun.my
x-cloud-trace-context
4f26dd319180f4acb70d9e7ff87071ea
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Wed, 17 Jan 2024 16:09:06 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158497/6000/
212 KB
64 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158497/6000/pwt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3cb1ac9f644d57fcd87a9671c9a3a6b63dbb21aa92aee07718dd0874d7fc0696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:49:05 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=119041
accept-ranges
bytes
content-length
65589
expires
Fri, 19 Jan 2024 01:13:06 GMT
smart.js
ced.sascdn.com/tag/2060/
106 KB
36 KB
Script
General
Full URL
https://ced.sascdn.com/tag/2060/smart.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4edbec098597b69fe06e29284df24227c12c5a87048fe44ef6243017931f6acb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
36679
Expires
Wed, 17 Jan 2024 18:09:05 GMT
ptag.js
tag.adbro.me/tags/
33 KB
10 KB
Script
General
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2c16c8296ab71eb861dabd7a644527900c6a2aca2beb2c4aab496a039ac11ed5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
x-age-lb
7302
content-md5
teHYcfSZ/pfeqOnP7w8Y/A==
x-77-cache
HIT
x-accel-date
1705500443
x-77-nzt
EgwBw7WvDgH3hhwAAAgB1GY4nAFh
x-accel-expires
@1705514834
x-77-age
7302
x-cache-lb
HIT
last-modified
Thu, 04 Jan 2024 14:12:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
908339302f88166da1fba765b36c8528
vary
Accept-Encoding
x-azure-ref
20240104T141314Z-dh8xk05cwt2fd3s4gkbf271ya00000000cz0000000002x5z
content-type
application/javascript
vxbkhiyn.js
tag.adbro.me/configs/
952 B
905 B
Script
General
Full URL
https://tag.adbro.me/configs/vxbkhiyn.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8689e8982cb3a33ed0920a4d0ada44ea56a75ee734088045f64fb1b9293a5c07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
x-age-lb
7014
x-77-cache
HIT
x-accel-date
1705500731
x-77-nzt
EgwBw7WvDgH3ZhsAAAwB1GY4EQH3eyMAAA
x-accel-expires
@1705514961
x-77-age
16097
x-cache-lb
HIT
last-modified
Tue, 19 Dec 2023 09:54:39 GMT
server
CDN77-Turbo
x-77-nzt-ray
908339302f88166da1fba76506347228
vary
Accept-Encoding
x-azure-ref
20231219T100430Z-dz92ax8ykh7nrapr15mca6fupg00000000f000000000d4tg
content-type
application/javascript
tag
a.teads.tv/page/161228/
724 B
764 B
Script
General
Full URL
https://a.teads.tv/page/161228/tag
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a2d7b80b112a3c015bc60b173dfb97edb97d4a056fba0af7e07d420f7b9adff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, no-store
access-control-allow-credentials
true
content-length
455
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 16:09:05 GMT
truncated
/
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
2418678745093464
connect.facebook.net/signals/config/
139 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2418678745093464?v=2.9.140&r=stable&domain=thesun.my
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
883e525ec3685f0cb9a1263de1ef6b79fb3064a4222428eb71cdbd7a9bf4e952
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 16:09:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36773
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
VvrCATAmmBtze9sSc+dQZ2nWS2fFA63nS0fmAYOoaSTb3hWqQuzDrI6/4RrtSNRuARSMDG211IKG/nOaL6x9Dg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
659fecbadce46a00126a99b9.js
buttons-config.sharethis.com/js/
1 KB
955 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/659fecbadce46a00126a99b9.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:4a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e559ec7957cbaa1fd88ffb700f2a35401bab94f686cd5d3198445177d9697dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:08:52 GMT
content-encoding
gzip
via
1.1 07a270ab1aab3273835b92a016f8a5dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 11 Jan 2024 14:14:55 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
age
50
x-amz-server-side-encryption
AES256
etag
W/"af438d87c11a8c1a40f6de4aa7197de7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
x-amz-cf-id
LOKaotjDk82I1NuAlbQC-NZ5wrUhlxundRBuwiOalm5gwVuA4hLjsQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425cb057b6ae2dba9ccbb3987295ba680a072ee0997b23c5b87b5b83a8bd195d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29741
x-xss-protection
0
server
cafe
etag
347 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:05 GMT
prebid_2024_1_17_4_54_47.js
anymind360.com/js/4542/
460 KB
146 KB
Script
General
Full URL
https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c1208a0459d6d88fd75fc08b62835ba9eb4bb4e7f5fcc6fd4828c7716a8e48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 17 Jan 2024 04:55:02 GMT
date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
40443
x-guploader-uploadid
ABPtcPqjRxINTjWwSwj4HnvEkU7Ow7vOAamnGp3fr3OQsQyH3uAWMbmiNMrkeB8DRz_FAqdDzaZFapfsNg
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
149485
x-served-by
cache-tyo11940-TYO, cache-fra-etou8220100-FRA
last-modified
Wed, 17 Jan 2024 04:55:01 GMT
server
UploadServer
x-timer
S1705507746.704046,VS0,VE4
etag
"1b5a0c60cad22fce26fc0d060f2c1353"
vary
Accept-Encoding
x-goog-generation
1705467301531862
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=enkFIQ==, md5=G1oMYMrSL84m/A0GDywTUw==
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
149485
accept-ranges
bytes
x-cache-hits
3, 1
apstag.js
c.amazon-adsystem.com/aax2/
282 KB
70 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:30:53 GMT
content-encoding
gzip
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2293
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
zhm3P0_WL6u0UefwNm9Gi2Xqz_0vi3LIypSlfItCN_m63e5dVdOLJg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE11
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:53:43 GMT
expires
Thu, 16 Jan 2025 15:53:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1FD3
829 B
999 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
797d18dd5b7ac8e4cd1d57fcced7ff0cc8a3dbd174e451bd2b7d09dd194d4b4f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rIy5zvZ9eZMOVQVC7h5qQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rIy5zvZ9eZMOVQVC7h5qQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:05 GMT
expires
Wed, 17 Jan 2024 16:09:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2418678745093464&ev=PageView&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&rl=&if=false&ts=1705507745726&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705507745723.1638080968&cs_est=true&ler=empty&it=1705507745645&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 17 Jan 2024 16:09:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
apis.adbro.me/api/v2/advertising/slot/cb7e421c-16ef-4594-8de6-e827efd7d938/advertisement/
13 B
584 B
XHR
General
Full URL
https://apis.adbro.me/api/v2/advertising/slot/cb7e421c-16ef-4594-8de6-e827efd7d938/advertisement/?pageUrl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&pageTitle=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&imageUrl=https%3A%2F%2Fthesun.my%2Fbinrepository%2Fwhatsapp-image-2019-04-03-at-12-00-50-284476-20190403120321_2698821_20221019161429.jpg&imageSize=660x440&r=t3f1p
Requested by
Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-adbro-uid
5b62732a-91b5-4dfd-b112-6dce1eb6058d
date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model
server
cloudflare
x-adbro-page
9530240550818715873
x-adbro-ip
KgEEoAArAAAAAAAAAAAAEg==
content-type
application/json
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-ADBRO-uid,X-ADBRO-ip,X-ADBRO-page,X-ADBRO-assessor,X-ADBRO-preview
access-control-allow-credentials
true
cf-ray
846fdc531dd22c29-FRA
alt-svc
h3=":443"; ma=86400
whatsapp-image-2019-04-03-at-12-00-50-284476-20190403120321_2698821_20221019161429.jpg
thesun.my/binrepository/
42 KB
43 KB
Image
General
Full URL
https://thesun.my/binrepository/whatsapp-image-2019-04-03-at-12-00-50-284476-20190403120321_2698821_20221019161429.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.178.245 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
1893cec2a38d07dabe9feea27795448865129c9ed4a79569b3f92610650aef57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
server
nginx/1.14.0
etag
"db56b6aa"
content-type
image/jpeg
cache-control
max-age=31536000
url-regex-ignore-pattern
.+/-/.+
content-length
43323
expires
Mon, 13 Jan 2025 11:23:58 GMT
teads-format.min.js
a.teads.tv/media/format/v3/
586 KB
134 KB
Script
General
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/161228/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7aec82c84ae07dd8511acc61f2a6d5203f615819e3091eb703d7de16996263a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
br
last-modified
Wed, 17 Jan 2024 10:43:38 GMT
x-amz-request-id
J4R92T9TNDMHJ3VM
etag
"a10db86b5f820c229140222bd15d5162"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
e
accept-ranges
bytes
content-length
136684
x-amz-id-2
4bAjrQuuJPYfmtTc1kGJLIaGN7G2RgJdudiLpXnuw9CU9CH3UW5qZXrpIGgilybU9Q4v2vopOUQ=
expires
Wed, 17 Jan 2024 16:39:05 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thesun.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thesun.my
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 17 Jan 2024 16:09:06 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thesun.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thesun.my
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 17 Jan 2024 16:09:06 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c742aff416f5e72b2caeb48fb4e07788a46b1a1180382976bb6ff004488090c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
492
x-jsd-version
1.0.1938
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21973-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"641-IQNTjIPcFGPUGrxKm2fctSjYyAE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKIUK22IA%2Fzvhj1Btpc7Edcev2IUjWC0XVcMZkzFerW9c1%2BWckoaUXpb0USA6v4DjVj0n9BUT2XZ6VkOSZstv6Lo5CV5mi389Og%2BUTvcA2OJSFDx8aDAZSbfsWl9nVYG2jIE1Cik%2FnoYudhIsh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
846fdc53293c5c32-FRA
cdb
bidder.criteo.com/
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=60647865154&lsavail=0
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesun.my
date
Wed, 17 Jan 2024 16:09:05 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/
338 B
643 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
48e7e3144309053c6f7be2b3787f64931de04e7b782080929620ec1f9edf3873

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 16:09:05 GMT
prebid
ib.adnxs.com/ut/v3/
65 B
620 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
an-x-request-uuid
588d5019-de1d-470f-8cdb-83a09f164afe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.36; 81.95.5.36; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
65
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
53 B
608 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
an-x-request-uuid
157318f5-d8fd-48f0-8b48-225e99d1f46f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.36; 81.95.5.36; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
53
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/
337 B
605 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705507745805&to=-60&aun=ats-insert_ads-0&gpid=%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid1_sticky_300x250%2F%2F336x280%2F%2F468x60&t=mv9xpyrk&pi=3&maxw=468&maxh=60&si=990492&bf=300x250%2C336x280%2C468x60%2C1x1&schain=1.0%2C1!anymanager.io%2CA2700%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.54.4%22%7D&ogu=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ns=10240
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.230.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-230-28.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eaf63232990695fca5bd7c545433ab78716d18888981e52af49636e8f7f11e84

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://thesun.my
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
337 B
605 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705507745806&to=-60&aun=ats-overlay_bottom-2&gpid=ats-overlay_bottom-2&t=mv9xpyrk&pi=3&maxw=970&maxh=90&si=990489&bf=728x90%2C970x90&schain=1.0%2C1!anymanager.io%2CA2700%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.54.4%22%7D&ogu=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ns=10240
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.230.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-230-28.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
03f0dc5f7297d24a14f89824a2288d1f75f2c27919ce0ac8033f84a4df8b7d2b

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://thesun.my
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
337 B
606 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705507745806&to=-60&aun=ats-insert_ads-16&gpid=ats-insert_ads-16&t=mv9xpyrk&pi=3&maxw=728&maxh=250&si=990494&bf=728x90%2C728x250&schain=1.0%2C1!anymanager.io%2CA2700%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.54.4%22%7D&ogu=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ns=10240
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.230.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-230-28.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af6b5d68eca4987596ec8077f7303b40793959dcb6ff284b8f84be82d5922973

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://thesun.my
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
2 KB
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=359628&zone_id=2010114%3B1937534%3B1937536%3B1937538%3B3144578%3B3144604%3B3144612%3B3144648%3B3144672%3B3144670&size_id=15%3B2%3B15%3B15%3B2%3B15%3B15%3B2%3B2%3B15&alt_size_ids=1%2C16%3B%3B1%2C16%3B1%2C16%3B55%2C57%3B9%2C8%2C10%2C16%3B1%2C16%3B%3B%3B16%2C221&rp_schain=1.0,1!anymanager.io,A2700,1,,,&rf=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&tg_i.domain=thesun.my&tg_i.page=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&tg_i.pbadslot=%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid1_sticky_300x250%2F%2F336x280%2F%2F468x60%3Bats-overlay_bottom-2%3Bats-insert_ads-3%3Bats-insert_ads-4%3Bats-insert_ads-9%3Bats-insert_ads-10%3Bats-insert_ads-11%3Bats-insert_ads-16%3Bats-insert_ads-22%3Bats-slider-25&tk_flint=pbjs_lite_v7.54.4&x_source.tid=8c6a8c3b-79d7-4648-97c7-30dbf28645fe%3Bde929b9c-f581-4fb6-836e-fe080a3e432a%3B88f40641-8c43-4915-86c8-a4e82777230c%3B2a42eddd-0f34-477b-a2c7-7d95ec037fd1%3B9a75f0bf-fbb6-4703-85db-154680bdd63f%3B3ba008a7-f3b4-4ea6-9f9b-d89fe4514a55%3Bc3ededbc-ad61-473f-adb8-e82dc2e8d4dc%3B35ecd525-97b2-4704-bf00-eda595309f0c%3B7a8f751c-0a24-4ac0-a532-53ad6fb951bf%3B9dfcdb3f-25f4-40f9-a486-718daf895cf3&l_pb_bid_id=424924dd788d316%3B438b841ceb3eb8a%3B442ce0dfdc80fe7%3B4572a64bab85b64%3B4652cd441917fea%3B47e7a1b78f95503%3B48c02d8eea824fe%3B491645f06393b5e%3B509ccc3895485a5%3B5182231811552b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8c6a8c3b-79d7-4648-97c7-30dbf28645fe%3Bde929b9c-f581-4fb6-836e-fe080a3e432a%3B88f40641-8c43-4915-86c8-a4e82777230c%3B2a42eddd-0f34-477b-a2c7-7d95ec037fd1%3B9a75f0bf-fbb6-4703-85db-154680bdd63f%3B3ba008a7-f3b4-4ea6-9f9b-d89fe4514a55%3Bc3ededbc-ad61-473f-adb8-e82dc2e8d4dc%3B35ecd525-97b2-4704-bf00-eda595309f0c%3B7a8f751c-0a24-4ac0-a532-53ad6fb951bf%3B9dfcdb3f-25f4-40f9-a486-718daf895cf3&rp_maxbids=1&p_gpid=%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid1_sticky_300x250%2F%2F336x280%2F%2F468x60%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_pc_allsite_anchor_bottom_728x90%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid2_sticky_300x250%2F%2F336x280%2F%2F468x60%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid3_sticky_300x250%2F%2F336x280%2F%2F468x60%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_billboard_970x250%2F%2F970x90%2F%2F728x250%2F%2F728x90%2F%2F300x250%2F%2F336x280%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_pc_article_right_sticky_300x600%2F%2F160x600%2F%2F120x600%2F%2F300x250%2F%2F336x280%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_below_300x250%2F%2F336x280%2F%2F468x60%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid4_970x250%2F%2F970x90%2F%2F728x250%2F%2F728x90%2F%2F300x250%2F%2F336x280%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_res_allsite_leaderboard_728x90%2F%2F300x250%2F%2F336x280%3B%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_1x1&slots=10&rand=0.949243074934397
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c10826263509cfec1ad0e4ac3114f07e567248a79054f34c1eba79ec26f01158

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
109 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesun.my
date
Wed, 17 Jan 2024 16:09:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/
0
156 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thesun.my
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/
0
157 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thesun.my
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
331 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thesun.my
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
prebid.ad.smaato.net/oapi/
0
395 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/3e7a42cd793d312f2f391b9277827664?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
7000c552-54d5-f1af-fd77-f60833983aff
prebid
prebid.ad.smaato.net/oapi/
0
394 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/0586f0e4b08821a5c6a7a55863980ca1?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
5d7ee814-f8a5-af3c-0cfb-f8fbc02cac34
prebid
prebid.ad.smaato.net/oapi/
0
395 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/86133d70086712d14be2751443c944cc?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
2d1ad3fc-ae63-6b8e-5cd9-c88fb72ac92c
prebid
prebid.ad.smaato.net/oapi/
0
394 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/5c81b296a20a05b10dfee1d49f2e2bb3?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
f9bb7848-7986-bc3d-1a62-0662dae2f01e
prebid
prebid.ad.smaato.net/oapi/
0
395 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/99d47da581f437dbc7c92f01ac6272e1?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
e40524ba-4856-e15d-e326-c789a3539f3c
prebid
prebid.ad.smaato.net/oapi/
0
394 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/1ab90db6d7ca75b5be173c216dd4f2e1?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
7cc4fa47-1387-b73d-72bd-80f080fb583d
prebid
prebid.ad.smaato.net/oapi/
0
395 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/75883676240c1499ff73a62a95078379?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
330e15b0-dcd1-f3b1-ce57-b193db99a9b1
prebid
prebid.ad.smaato.net/oapi/
0
394 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/6b2692d5dbb43c16ac9c3429c1ba24b6?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
e15c551d-1753-bcea-226f-531cced91a8e
prebid
prebid.ad.smaato.net/oapi/
0
395 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/29d1ff5d5fe8c178c20ef9649db7c47b?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
d3856a01-430e-a353-2244-6c953c30386f
prebid
prebid.ad.smaato.net/oapi/
0
394 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
99.80.55.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-55-123.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/69ab297337428c9144007ff715ecbeac?prettyPrint=true
access-control-allow-origin
https://thesun.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
8e8feded-3d30-bed5-ba7d-8de64f341279
4294969
bs.yandex.ru/prebid/
27 B
223 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=1&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746090509-1728047596238107541700367-production-app-host-vla-pcode-139
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
223 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=3&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746088695-1841757479898941190900323-production-app-host-sas-pcode-394
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
222 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=4&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746088911-1773867252420168300600272-production-app-host-sas-pcode-105
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
222 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=5&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746088845-1807644043730280620600272-production-app-host-sas-pcode-105
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
223 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=9&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746088929-1717063553704160340100236-production-app-host-sas-pcode-334
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
222 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=10&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746087996-418770437391934217700233-production-app-host-sas-pcode-89
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
221 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=11&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746089017-990915252822709471500233-production-app-host-sas-pcode-16
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
223 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=12&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746088754-338823452764320418800376-production-app-host-vla-pcode-237
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
478 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=13&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746086599-6727564504386264400372-production-app-host-vla-pcode-72
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
4294969
bs.yandex.ru/prebid/
27 B
221 B
XHR
General
Full URL
https://bs.yandex.ru/prebid/4294969?imp-id=14&target-ref=thesun.my&ssp-id=10500
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 16:09:06 GMT
x-yandex-req-id
1705507746087702-792466916864523733400367-production-app-host-vla-pcode-349
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://thesun.my
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 17 Jan 2024 16:09:06 GMT
bid-request
a.teads.tv/hb/
16 B
377 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thesun.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 17 Jan 2024 16:09:05 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
245 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
bd341f27e904052486412b96e0ca71a49501b74f82fde318cb3d8f197e78520e

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Jan 2024 16:09:05 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://thesun.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/
38 B
548 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=619383
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb2a99989831a55296a560c113b27a02a540112aa8f91b34d0ef85715fc405e

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhrOckyjl3xFW8CdSmZSgMPdy%2FtgEIQ5qEyKqizB8JXxv4DzKpAUR9mbUOTf4mAPk%2FLVLY9wNFyP9X%2FyKuJLoqZBR2DBipIR9VL8KRmABg0ahs%2FoRsXmwDz%2Fd24jdPryeJlqadNS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thesun.my
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846fdc549f5e4d56-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
auction
tlx.3lift.com/header/
19 B
633 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&tmax=2000
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.180.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-180-173.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1FD3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401100101&jk=2786640189912667&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame FE11
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
15113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 11:57:12 GMT
db25e772-a50a-4abc-826c-f029cd5364e4
config.aps.amazon-adsystem.com/configs/
564 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
772d2eeb93eff2e2a6fa3f926d81851b15e08c3a05b8d616de381e5a8bdbf476

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:17:00 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3126
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
QDes4obBDXJ-NAhrhvQnk7-4mazt7QIQOePvpbOgNF-V3yxkek54kA==
config
c.amazon-adsystem.com/cdn/prod/
0
306 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthesun.my&pubid=db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 13:13:31 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
10534
x-cache
Hit from cloudfront
access-control-allow-origin
https://thesun.my
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
6C7ifmTuaR8yqCDcYYl2lJ73y0bggKmArBBvVuLfiiGsMNauOWKH4g==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
459 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&pid=X5X0sAAsjVF6D&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ats-insert_ads-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid1_sticky_300x250%2F%2F336x280%2F%2F468x60%22%7D%2C%7B%22sd%22%3A%22ats-overlay_bottom-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_pc_allsite_anchor_bottom_728x90%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-9%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_billboard_970x250%2F%2F970x90%2F%2F728x250%2F%2F728x90%2F%2F300x250%2F%2F336x280%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-10%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_pc_article_right_sticky_300x600%2F%2F160x600%2F%2F120x600%2F%2F300x250%2F%2F336x280%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-11%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_below_300x250%2F%2F336x280%2F%2F468x60%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-16%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_mid4_970x250%2F%2F970x90%2F%2F728x250%2F%2F728x90%2F%2F300x250%2F%2F336x280%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-22%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_res_allsite_leaderboard_728x90%2F%2F300x250%2F%2F336x280%22%7D%2C%7B%22sd%22%3A%22ats-slider-25%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F21622890900%2C56509919%2FMY_thesundaily.my_res_article_1x1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!anymanager.io%2C4542%2C1%2C%2C%2C&pubid=db25e772-a50a-4abc-826c-f029cd5364e4&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
43Z4H1EE84F882K9V7D2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thesun.my
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
O40VbwuM7C14XOubINytvMJnNQKLuYjedEcvOfHIjrKcdIAvjwo9fQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date
Wed, 17 Jan 2024 08:10:18 GMT
x-amz-cf-pop
FRA56-P6
age
28728
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
cKfgyaTb3NUW59xHOTxXmfX6Sy1bvLQmW9IdyKaY4h3kwf-gFi8bmw==
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 16:09:05 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
3451
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220103-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1705507746.913556,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
40
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
20796
wigo-no-slot
sync.teads.tv/ Frame EA82
325 B
477 B
Document
General
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
325
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 16:09:06 GMT
expires
Wed, 17 Jan 2024 16:09:06 GMT
pragma
no-cache
server
pekko-http/1.0.0
track
t.teads.tv/
23 B
104 B
Image
General
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=855d8b69-685d-4ae8-a4f7-cf1fc09a4d22&pageId=161228&pid=175886&debug_metadata=OyicqgNMPE&fv=1315&ts=1705507746009&f=1&referer=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/
23 B
134 B
Image
General
Full URL
https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=855d8b69-685d-4ae8-a4f7-cf1fc09a4d22&pageId=161228&pid=175886&fv=1315&ts=1705507746015&f=1&referer=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Wed, 17 Jan 2024 16:09:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
get_counts
count-server.sharethis.com/v2.0/
192 B
559 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
/
Resource Hash
36b3ef184d4bf4b8528f6be1e38afbe0d4de311b4852d1bdb2b4d3ffe6e6329e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C1
etag
d412ce4faff902e72b31286438647562
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
content-length
192
apigw-requestid
RsRBYgmCIAMEPqA=
x-amz-cf-id
NtzsNzrhFiEXJRekV1V9kRdpRyDjEQGpBkPR9tmNQ_OkDtjuS45ZIA==
facebook.svg
platform-cdn.sharethis.com/img/
301 B
743 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:00:29 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1175198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
301
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"c6e9be45643e197ce1db1d7e24a99adc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
bck7ioId7OhF-TCnF3YUjrwOs0OaN9MFS3w4NbBAFlrYKskrUtuWzg==
twitter.svg
platform-cdn.sharethis.com/img/
368 B
777 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:08:37 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
30
x-amz-server-side-encryption
AES256
etag
"2deb3d5121d475d195577a70b0a91a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
368
x-amz-cf-id
-qcEli9EvDVSI2lcJJrpphkbifAEK1bKX8aii2qsVZeZzo7GSLQ-Hg==
whatsapp.svg
platform-cdn.sharethis.com/img/
832 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:49:44 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1088352
x-amz-server-side-encryption
AES256
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
832
x-amz-cf-id
0bbSt0ar1aBwUqUnXpqTZ_V1_CQjhkojknLXkLBJ_eDtTnv2d8ekYw==
telegram.svg
platform-cdn.sharethis.com/img/
858 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/telegram.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:08:06 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 12 Aug 2022 01:07:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
61
x-amz-server-side-encryption
AES256
etag
"e3f5e90fa57764cd951db1b1bc688edd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
858
x-amz-cf-id
hcTnADyl1WKy77avtZ5Q09514a17XHCQqf6UZCx-PtmcM6OIZMfmow==
email.svg
platform-cdn.sharethis.com/img/
343 B
766 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:14:41 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1151666
etag
"5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
343
x-amz-cf-id
Ttl63G1eDtAHepRiNErAsM4cl6kr7s-AIg4Ncvf44VcmJB_xxrnWAg==
print.svg
platform-cdn.sharethis.com/img/
384 B
826 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/print.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:16:35 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1795952
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
384
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"f13e866e7f19263a292ab3997e01fb17"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
JtWOzuhysgdWtQ8MpKbUZR1gzBBZbBuQmDUQGz2_t7RyS4dK9nittw==
destination
www.googletagmanager.com/gtag/
213 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-J8TZJ65FPH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23981916-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db28c5376dd22170839ec007b395a68bcfb753c05b4869a5cd3f5340e5a4bfd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77778
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 16:09:06 GMT
id
c.ltmsphrcl.net/
43 B
313 B
XHR
General
Full URL
https://c.ltmsphrcl.net/id?gdpr_applied=false&us_privacy=false
Requested by
Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.23.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-23-84.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://thesun.my
cache-control
no-cache
x-server
10.45.0.214
access-control-allow-credentials
true
content-length
43
expires
0
/
pips.taboola.com/
4 B
118 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220078-FRA
date
Wed, 17 Jan 2024 16:09:06 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://thesun.my
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-J8TZJ65FPH&gtm=45je41a0v9101663957&_p=1705507741698&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1369426925.1705507742&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=%2F9530240550818715873&sid=1705507746&sct=1&seg=0&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&en=page_view&_fv=1&_ss=1&_ee=1&ep.ip=KgEEoAArAAAAAAAAAAAAEg%3D%3D&tfd=5298
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-J8TZJ65FPH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
45 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J8TZJ65FPH&cid=1369426925.1705507742&gtm=45je41a0v9101663957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-J8TZJ65FPH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J8TZJ65FPH&cid=1369426925.1705507742&gtm=45je41a0v9101663957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=517169954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 16:09:06 GMT
cache-control
no-store
server
nginx
sync
x.bidswitch.net/
Redirect Chain
  • https://apis.adbro.me/api/v2/advertising/cookie_sync?uid=5b62732a-91b5-4dfd-b112-6dce1eb6058d&r=eazg6f
  • https://x.bidswitch.net/sync?ssp=adbro&user_id=5b62732a-91b5-4dfd-b112-6dce1eb6058d
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=adbro&user_id=5b62732a-91b5-4dfd-b112-6dce1eb6058d
Protocol
H2
Server
35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

x-adbro-uid
5b62732a-91b5-4dfd-b112-6dce1eb6058d
date
Wed, 17 Jan 2024 16:09:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://x.bidswitch.net/sync?ssp=adbro&user_id=5b62732a-91b5-4dfd-b112-6dce1eb6058d
access-control-allow-origin
*
access-control-expose-headers
X-ADBRO-uid,X-ADBRO-assessor,X-ADBRO-preview
cf-ray
846fdc5598d82c29-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
generate_204
tpc.googlesyndication.com/ Frame FE11
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?eUeSsQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/thesundaily.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2cd01af6344eeeed32024af6f1396ecdee368faff5d4169f6969ff87c653004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29740
x-xss-protection
0
server
cafe
etag
67 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:06 GMT
smart.js
ced.sascdn.com/tag/2060/
106 KB
36 KB
Script
General
Full URL
https://ced.sascdn.com/tag/2060/smart.js
Requested by
Host: thesun.my
URL: https://thesun.my/home_news/gnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4edbec098597b69fe06e29284df24227c12c5a87048fe44ef6243017931f6acb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
36679
Expires
Wed, 17 Jan 2024 18:09:06 GMT
ac
adnetwork.adasiaholdings.com/
13 B
356 B
Script
General
Full URL
https://adnetwork.adasiaholdings.com/ac?nwid=2060&siteid=399436&pgid=1361204&fmtid=44269&async=1&visit=m&tmstp=6611444230&tgt=consent%3Drejected%3B&tag=sas_44269&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&cmpvalid=1&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220038-FRA
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1705507747.264829,VS0,VE66
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript; charset=UTF-8
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
accept-ranges
bytes
content-length
33
x-cache-hits
0
ac
adnetwork.adasiaholdings.com/
13 B
94 B
Script
General
Full URL
https://adnetwork.adasiaholdings.com/ac?nwid=2060&siteid=399436&pgid=1415235&fmtid=65749&async=1&visit=s&tmstp=6611444230&tgt=consent%3Drejected%3B&tag=sas_65749&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&cmpvalid=1&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220038-FRA
pragma
no-cache
date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1705507747.264845,VS0,VE69
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript; charset=UTF-8
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
accept-ranges
bytes
content-length
33
x-cache-hits
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401100101&jk=2786640189912667&bg=!RUalRgnNAAa8BdJLnAU7ADQBe5WfOIxSFiG92aIOgX8WHQM5F9QdnApJ2-29gG8aQhFACJfNtCe97LCQx9yCjwrfA8yfAgAAAKVSAAAAAmgBBwoAAeKZAquV8sl-WAql1n1raVH-hRyJX4R8Kdww9QIxBnb89-w5Emr-tErsXuroPdL2FxdyiWyB36xpN-XGTVDEES-MiPCZoNd0lqlREUf1voYZKVHm4j-t1Oldzdn8KKM8VZDozpnqLBbuzlaCkQvIhIffH8NXAoaLqOwOBIqi1jETmoJXrfxWKU0g2_1sigy7w1gJOP37_vuOANupQ62WYZxWNp3LgQv2qnIiHD7BG6m3bg4jz_Vf7jxkPOOvRCqbSICxR6Ikd6fZCeUGSauBssyr_LHtn8bT42rPKsWOabiHB_ZuHug3WoaUKWrCQKcQQyytSFFmcym0uejU-ROsv2O7lktwMNcc8b061MjwcNXry5c3xr-c32_7CCjch9cbxfH4UCXDBYrqWo6uy3PJQAoVMPj60PdYtkUZqbadFvnXR6T37UchuMz7eDIm9yTK7Rii7WDsHaqAlspSYcbXz8ju4bhwS4cSFQXrENWcS0an-i_Gpb1_rHoPMzj6fOe7zjMM36rYTKTnz7KWva5_ndoyFJGFiVFN1miFav3vQdTJIigA8H-H2eGduC2JKWLs9jbTFN-kZsnf20qvRNESPZHWuZKHLiOmf2uQ7H3zeghWHDudOxnzpgYfdAx4VtoPJyYRZUDwgtz6fTiiBEVUsCPgnjQyT_bUuk3ZvCcSqn_1oUdnYFYI_RgIbKXj2bGAr25wwpDNlZkZYqhHtRl8e5bILLyWv7B8Y16Y_cTDdS38ZC08CrFOAHKwNl7QyoWdJgPhdDYitXJlOyR1EAdsdm8zXqmOJxnVb6L80R_jNsZsucyhHTYca1gNmBJwaT0PnQ2PjTxb5OMxz28d8Ft3XyBp2FtXBrPYONx96JaDmbQO3zjAP-KGr6YBu7Ny1eisB1aYzR9N7yHdlzgCixjvsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

publishertag.prebid.js
static.criteo.net/js/ld/
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
85f0ea3b2226011e7bb03d720b74b7a84c7d9a316fdd86fdae14f8412f300c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 10 Jan 2024 15:13:35 GMT
server
nginx
etag
W/"659eb41f-17825"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 16:09:07 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160902/8463/
369 KB
111 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160902/8463/pwt.js
Requested by
Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/thesundaily.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4eba0d268a328eb6a11b8b564820792344363d46ec02f74ee7d738c80d644621

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 04:14:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=112561
accept-ranges
bytes
content-length
112756
expires
Thu, 18 Jan 2024 23:25:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/thesundaily.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a95b020c0b7a75f9b7e3fe41cb315bf65559593b2cc485decf986edbe39f7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29741
x-xss-protection
0
server
cafe
etag
571 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 16:09:07 GMT
gtm.js
www.googletagmanager.com/
205 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WP9SX2H
Requested by
Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/thesundaily.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0b0691729750f6d160cebaf2dd98af7ba18d4fe2d260433b79161ee76fa2a25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74617
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jan 2024 16:09:07 GMT
blocklist.json
propsid.b-cdn.net/json/thesun.my/ Frame
0
0
Preflight
General
Full URL
https://propsid.b-cdn.net/json/thesun.my/blocklist.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SG1-868 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://thesun.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache
HIT
cdn-pullzone
266288
cdn-requestcountrycode
DE
cdn-requestid
afc2b1c727a0cd17e1e3d69f1cc39ab8
cdn-uid
022eeb7f-01b5-4a33-8c9d-d5c55b7764e7
content-type
application/octet-stream
date
Wed, 17 Jan 2024 16:09:08 GMT
server
BunnyCDN-SG1-868
blocklist.json
propsid.b-cdn.net/json/thesun.my/
678 B
1 KB
XHR
General
Full URL
https://propsid.b-cdn.net/json/thesun.my/blocklist.json
Requested by
Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/thesundaily.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SG1-868 /
Resource Hash
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 16:09:08 GMT
content-encoding
gzip
cdn-edgestorageid
868
cdn-storageserver
SG-560
cdn-cachedat
01/17/2024 16:09:08
cdn-pullzone
266288
server
BunnyCDN-SG1-868
cdn-proxyver
1.04
cdn-requestpullcode
404
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
022eeb7f-01b5-4a33-8c9d-d5c55b7764e7
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
no-cache
cdn-requestid
f58548958811bfecaeb5d293b6471d16
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
404
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
270 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2BZPHNQNTD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP9SX2H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a6b8a6810bc6a0168091d508b0e907b920161fed432c55bbbb5129edb16b040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92615
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 16:09:07 GMT
collect
www.google-analytics.com/j/
16 B
36 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1271963802&t=pageview&_s=1&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&ul=en-us&de=UTF-8&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACgAIAC~&jid=874713078&gjid=1718342568&cid=1369426925.1705507742&tid=UA-237453437-1&_gid=1461412138.1705507742&_r=1&_slc=1&gtm=45He41a0n81WP9SX2Hv892080204&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&z=2065683383
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0e72117263558278201af6ada0a46b14d991419fb5cf480c17fc3152c5cf4a28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP9SX2H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 15:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1258
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jan 2024 17:48:09 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-237453437-1&cid=1369426925.1705507742&jid=874713078&gjid=1718342568&_gid=1461412138.1705507742&_u=aEDAAUABAAAAACgAIAC~&z=1773912039
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Jan 2024 16:09:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
230 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WHWXDD9CJW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3855c09c3a15ec91465519abe9429e75562b6b2f1ae058809b86ff6084b6d651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83282
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 16:09:07 GMT
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2BZPHNQNTD&gtm=45je41a0v892084171z8892080204&_p=1705507741698&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1369426925.1705507742&ecid=1553088393&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705507747&sct=1&seg=0&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&en=page_view&_fv=1&_ss=1&ep.content_group=Other%20Group&tfd=7121
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BZPHNQNTD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BZPHNQNTD&cid=1369426925.1705507742&gtm=45je41a0v892084171z8892080204&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BZPHNQNTD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2BZPHNQNTD&gtm=45je41a0v892084171&_p=1705507741698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1369426925.1705507742&ecid=1553088393&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1705507747&sct=1&seg=0&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&_s=2&tfd=7143
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BZPHNQNTD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BZPHNQNTD&cid=1369426925.1705507742&gtm=45je41a0v892084171z8892080204&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1067832529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-237453437-1&cid=1369426925.1705507742&jid=874713078&_u=aEDAAUABAAAAACgAIAC~&z=718693202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-237453437-1&cid=1369426925.1705507742&jid=874713078&_u=aEDAAUABAAAAACgAIAC~&z=718693202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WHWXDD9CJW&gtm=45je41a0v9129628752&_p=1705507741698&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&tcfd=10001&ul=en-us&sr=1600x1200&cid=1369426925.1705507742&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&sid=1705507748&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7204
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHWXDD9CJW&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WHWXDD9CJW&cid=1369426925.1705507742&gtm=45je41a0v9129628752&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHWXDD9CJW&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WHWXDD9CJW&cid=1369426925.1705507742&gtm=45je41a0v9129628752&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1258827435
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SY4JJ4KEW8&gtm=45je41a0v888596538&_p=1705507741698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1369426925.1705507742&ecid=1449357186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1705507741&sct=1&seg=0&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&_s=2&tfd=7228
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SY4JJ4KEW8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
795 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705507749898&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1589&pt=1164200938&tz=60&viewable=true&ddast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2995655&dpubid=168237&abtst=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!t120!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fthesun.my&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5c75d583340c5c278c46b26f25874f7d767affba762bf08fdf18ba785011b6dc

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 17 Jan 2024 16:09:09 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1479
x-cache
MISS
x-served-by
cache-fra-etou8220103-FRA
pragma
no-cache
server
nginx
x-timer
S1705507750.904143,VS0,VE59
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
pview
l.sharethis.com/
0
396 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=thesun.my&location=%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&product=inline-share-buttons&url=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&cms=unknown&publisher=659fecbadce46a00126a99b9&sop=true&version=st_sop.js&lang=en&description=KUALA%20LUMPUR%3A%20The%20Sessions%20Court%20here%20today%20was%20told%20that%20the%20investigation%20paper%20(IP)%20of%20a%20RM19%20million%20cheating%20case%20against%20a%20businessman%2C%20Datuk%20Se...&ua=&ua_mobile=false&ua_full_version_list=&uuid=3974fa40-eb78-49aa-8444-6e5d9b375e2d
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.101.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://thesun.my
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
all
csm.eu.criteo.net/ Frame 6DB3
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=mSh3Pq-nrMDNcxUUZnlIqQGoMNPP2h0qHCQHg002QDLDHaI-iuCm2stLq0yooPJDwUBz2zDJMCQzaP7ux_0qAFFY_c8-HSedZtkeqhua1bbVgjcnI8YvNxCab3CTvIb_MR-IleHHg12a940NnXRfdrADLuJ0SwMOhqWCi8okEYmKUEpNlKp1DeLLwXtz5wdmnM9X7xXQWyzNcAXfbYc-ayez2d5n8o13Iy5iEfjrK1WpCqCvKeQtpTxb6OEeGCWU8dUM-A&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs4Hg6d6AAVrzDj7O3ZwOdeWBfZNQA&u=%7CEzVrkB%2FwlVazBnoJWPIEkmyUlAkPEFgDCu6Hve9TBv8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZUj23gMW68cEzRZjxX3avG5aa7FJU_bspXKmxF6gNz9f-JLH4qNII0rlOsKLmPZCOsfj_kAiwPZz1SX_vbkiQnlWJnP1UuZApnwa8ePasUDBikhb9QHtPtpUAi3CWvI7Xo8D8nedW2sFwLR6oZq98HpCW8C6bz2fWhiudBYxQwGzR_XlacyMDpOVvTz7OyeJKaWisptU_Ti8SIW142neHj3WwhjgSXedOmgW_55ckKe4eB_G_clZaCSwgCeFsOPSlJdAErGgz9nArquhWB9que3E0bTDHgrEMW_zi9buoQwt_3fTh0-_5FcgOFvjwNbLh5vjhYto35zs9fuAEc4EyAqzJdrGzIwTJNBYQH0q8CNmTu-3ZwAWy0BkpnSe7xQeo318FA8-QAMvHXsyGAx1PoyGRsbmo5v59nq1aPz5tgD0zWYggDqPWJF1gWjLf9M2Wvte5o1ZIRpkk5ltjOxcy97By7C2SD527CrmdUqDmYs-bQIZCuR0cza6HYRQb_rIBGXR5AhL7DsXP4qwK-tT-st3rDiTQbM8jvFXcyiXOY_MUwcRDLASuskPUZnbbGpiJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaBJEnvunZc6tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgThAk_Q2MKEuMlFxGNIQ36w3y5b-JvjqJoYsEd1XKuPMiy8P15G0WOeQbrubkxNuPi6soiPjaOdj0_77-OK0L2-XuFD6oNXjFuSrp5l_Y3Q44SXKA_V7Cw7fQn9SA6i1w1ty3iMuJ0I1_JjnivkaELUj2mK2KJTcntyraCO6400GX4IFO1dEhx5TIiYfHpeuZ_ZsllqOeRGYP5fCZefbspLmmJBPksZIWY1JrGLoZUn6gn_wMKbNCkOXFLWR4b_EJbkjrmstLps5l33HbN5WIft8Gz0hUPmWESjvhbNW5EtSORu_VeXAu7ylAmHwFFA00lVvsdLD_blL9aECXaR_Qy_OVYFTExwLlmUmzC9lZ7vkidtlTLHohLzPYFY6JDcaMcXIQDBGnOSnZQtbxhHF7Di6XTmW7Cau6vpa42B6CnTZ5BVKSNWjy91FsK-Ko_sLkvoLNTSiZxvfaSf2Hq7bKAghYk94AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiGhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_1HLLolqtq85nHzW8b0DDms_HBROw%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 16:09:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 6D55
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qFL9U6-nrMDNcxUU3AGRfJn3txI3DOQfe2S-x7lpUZyXcvUT2PIwjs6Hrp_ELiNq7rdvmSvrzvyVPSSZPtUn89kQB5qLek5SmxUzf7oOGMXeMo4KrPGkVOZSUGQ-bnsJWpiD8MHIGuxX9jXSo7Gd0Hq0jkTT2BdJXNpkuhgmSs6tIbYrfxfo3Oz3Vv5B8Zo-AoM3e9nukgIKcSMOznvKpc2kwOe9w5nm-LWsJQrwQM5uco0NTpa5_HIdSl42tBr3RxF_vA&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaf7ngALFs8Hg6d6AAVrzMcj3DsC45EfEn9fhw&u=%7CEzVrkB%2FwlVZaHc923W5LTXCIMjyJpaL9jIp4lNrFmdg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRQchvJb-TI7ZUkQsSZIrkJ-zZugJsaT66zLekp9ywq6ZnQCNcuH0ywnkhrrxfROXd14Mda6ZoC1WHZj8Mp92BmCn5lbl5y3FMj5Ko8L7grS3Nt9wVY5_tmdy_Hu1Ya8JDULSuRooIOnQlFfbWnoD12GcFK9g_CtrJZ9K45ZoM-ZPVfBwcJWHdudjR0_t62dkSjO_cs9PKneswmNn9s6Ha1qWdwpTjvafgohwtL4YkqVx9QNX5-H53Iyj8Lqw7VjdEpr3SYbOc1VWw7wVAjq6r6HSM60agFz_Pj7dL9dq_XgK1foGQ5rh3NPTu1vhJ-DPbLzlNzSz4WhuZpVI9dUPt7p0VCGyCYEHXA0e_sTsakalQBYzHv_IhPY0bSoxJ1uBUxCjRBk4e2AWT-J5gyD-IWyRGuteDAtRn30mq2URu07w5vtJOYYEQfC40y-_qoFcsbXXaFbDcBxRkrHmDv-bSSY-KHOfstOMjH8jOEZRyV-YLD1BZ1o8ZzoTtpSl3psg_Op8Y6IpCSCrJQgjOqRDO82Ijak4jtRCtYOl4-gMFOLJuFr7sxsQFYxO-dt3A3DGNP-h9SnpBx9lA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaD--nvunZc-tLPrOjuwPzNeVuA7JntKxXNWdkfdwwI23ARABIABglfqOgqAHggEXY2EtcHViLTY0ODAwNTQ0ODA0Nzg4NDDIAQmpAgD4YmpmObI-4AIAqAMByAMCqgTeAk_QdfRfafWcqNwbkta4GtxIXTeOOPqdYj7ydh15jxHgyuf9Vl8s3QH52zbIyzF0WFPpJB_oOjMWfi8f_Yxi88k9zWRNv8ueL_TlAsoYMtaAgIOZm-kRlK2tlgCQPbCU00Fjekt6FtMTyshp19_y5MhrijD4ZFVphJLsyetul2qOrauDrOOr0wTF24yqYntyM-o9vj6jCKso5xUA02x8R6N6dl_Y_kqS7_kvIwmZBJ9XFdTKdzwCKX4hHQYsVtEQiqTHODIX0XiPUu-RLLTEJWi0UTNHnNw3NcqvCUfYrjNiYw6dySOg_bNRXRR0AR_nl-ZeAlzs2CyTMigX1XpySgLhiOffK4jxz3iBxpf6MW8gxE43URUGVgQMaHeR3eXuEge199cxcxBnM-sweFEPV2i8IeXPum_8__2e_W6b6maCrIV5BY8tnDILSXZMIbVA_KsvOYqLNybYlj-PisPo4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1seouefkgwP6CwIIAYAMAeINEwiHhqm55-SDAxV6p4MHHcxrBefQFQGAFwE%26num%3D1%26sig%3DAOD64_2murS3rCOqfAksJNRC5Qryffu8SQ%26client%3Dca-pub-6480054480478840%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 16:09:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthesun.my%2F&domain=thesun.my&bundle=lg8GV182Zk9Ha0RWa1hsVkNXSXlFQ2NydGVrYkdma2g1RzhBWmklMkJxN2VZSDlmVDBEYkhpTFJuUG50RTUlMkZXMzFmR2JxbmNYZWROMSUyQk9IZHNMaGhOYmwyJTJGWk83eTRLQkZmWE9DUDUzSENIcTVkUnVXQXp3WEVSbTYyeW1yZ2NOJTJGWUVLQ2hYJTJGdnlyUmVhUW5ycUUzTTlLaXNxWFElM0QlM0Q&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://thesun.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 17 Jan 2024 16:09:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
255489
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
368 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthesun.my%2F&domain=thesun.my&bundle=lg8GV182Zk9Ha0RWa1hsVkNXSXlFQ2NydGVrYkdma2g1RzhBWmklMkJxN2VZSDlmVDBEYkhpTFJuUG50RTUlMkZXMzFmR2JxbmNYZWROMSUyQk9IZHNMaGhOYmwyJTJGWk83eTRLQkZmWE9DUDUzSENIcTVkUnVXQXp3WEVSbTYyeW1yZ2NOJTJGWUVLQ2hYJTJGdnlyUmVhUW5ycUUzTTlLaXNxWFElM0QlM0Q&cw=1&pbt=1&lsw=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
265238
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D61
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161509
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 17 Jan 2024 16:09:12 GMT
expires
Fri, 19 Jan 2024 13:01:01 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 9AB7
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
561a650ea8fb0e35cccbdd185618415b21f60c78cba87c38d75ce2855257e725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8067
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 16:09:12 GMT
expires
Fri, 19 Jan 2024 16:09:12 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 37B1
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38560
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 17 Jan 2024 16:09:12 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1803, 278448
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220055-FRA
X-Timer
S1705507752.419021,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 2F45
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Jan 2024 16:09:12 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 4EF5
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 17 Jan 2024 16:09:12 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame AD85
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
642
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
846fdc7c9f1a1917-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 16:09:12 GMT
expires
Wed, 17 Jan 2024 20:09:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
adasia-d.openx.net/w/1.0/ Frame CE29
199 B
202 B
Document
General
Full URL
https://adasia-d.openx.net/w/1.0/pd
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4542/prebid_2024_1_17_4_54_47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Wed, 17 Jan 2024 16:09:12 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
9.gif
id5-sync.com/s/441/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesun.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 17 Jan 2024 16:09:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
PugMaster
image6.pubmatic.com/AdServer/ Frame 1D61
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42447242&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:09:11 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 2F45
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bad8cdf07954efcbb02d017bf79c1ac5916059f68d6e6b46cf9d3fbcaae5c998

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 16:09:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 00:02:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28433
Connection
keep-alive
Content-Length
10964
Expires
Thu, 18 Jan 2024 00:03:05 GMT
bounce
ib.adnxs.com/ Frame 37B1
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
811 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:12 GMT
an-x-request-uuid
134b6106-f32f-472c-95e3-ab162db0142d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.36; 81.95.5.36; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:12 GMT
an-x-request-uuid
c0910b5f-bc86-4899-b9d3-9067a473002a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.36; 81.95.5.36; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 2F45
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2BZPHNQNTD&gtm=45je41a0v892084171z8892080204&_p=1705507741698&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1369426925.1705507742&ecid=1553088393&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1705507747&sct=1&seg=0&dl=https%3A%2F%2Fthesun.my%2Fhome_news%2Fgnanaraja-s-rm19m-cheating-case-classified-as-nfa-dpp-GB10007463&dt=Gnanaraja%E2%80%99s%20RM19m%20cheating%20case%20classified%20as%20NFA%3A%20DPP&_s=3&tfd=12144
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BZPHNQNTD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesun.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
818 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1705507754898&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1589&pt=1164200938&tz=60&viewable=true&ddast=V8vdMCLAZk9v_nr78kqxDI7P_PX39JVikAAABgYED8AEmZRgvTaGNaqwyT5Vq0XFjcCtvM4hYtPK7FzGRbbZyTISAp02hhGm1Ma5VhslyLlguLW2GbWdyihce1mJlsq41zMgUfwjL7fQcF5fT0mF0GUdH1ttgdTrPnoGuafC7TG3Ch6XT4XPd60dHled3taudf6He7_HWX7_PX2R12h-Vhdbg1b8nbsVy7NUaXw_S0-9wah-fl1pgdns_T5nSZ3ArPW25zuEWGw1tHYQwGg91otpkDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4KJjTbnfZTZe_4R8AAAAAQAAAAACQABCIbCkB0FJ7fOL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GAK8YPuGPZDPTqSgsAgjAAAAAFFfBSRHJukEFYsq_____VYArgAABDRiuJwnZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBTpmYaIH9cKTW_gAAAa34BAQDYqBsAgDcCcIJOAKyOQuyGs8VuNNksZwcAAADgzv___78eEDIMNgvHwjcxrWyTjc02Wa4cztHI4Zo4h5vdbLM9MWPhLSVIxJh9PoRl9vsOCsrp6TG7DKKi622xO5xmz0HXNPlcpvuZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQzC4_FtRgN1qrhcLQWrVyDtcK4Wq01q4XF5Zg5lwuTby16fUwfh2O4WMy8SDAgbC-Sp0U6EW08u9HKMFtOfIuRZzEbrhbL3XAymhmGy4lttZiIJZqTRTqRXfYlw2CzcCx8E9PKNtnYbJPlyuEcjRyuiXO42c02-87CY3EtRoO1ajgcrUUr12CtMK5Wa81qYXE5Zs7lwuRbi14f08fhGC4WM39jN1itBrvdaLNv7Aar1WC3G232HTrDd_U5G51p8cFjU-6s45DS5jQoXAaL9ycxLabd2cF08h2dLu1IWdQZ_X6_3-_3-_1-v9-g9RzMBoXvNu4phi-f4zMOOQ1ig0ERSwQX6UR0dHled5PDaXZexBKl6SKd6IV-t8tfd_k-f53dYXdYHlaHW_OWvB3LtVtjdDlMT7vPrXF4Xm6N2eH5PG1Ol8mt8LzlNodbZDi8dRbHYDDYjWabiVgiOF2kE9HLeLqo_0gBF3Plaq6aa2arBAAAAAAAAABgCaaZbgIAAADgZBCz4WSzW6cDWS5Xs9VquQAgHLp0_RAKNaRZf3MXa-yxBTq6PK-7yeE0O89ss88IYq1WyxoAAIAANgAAgABuuvEm4LyK-____x8HAABARg49AAAA8X1AU6R64UeuFPwKYrQarvYPQIVYq9XqdmOtVitgAc0Wq8EE_v___xMEAAAAAADAyS8IAAAAAACA8wI!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2995655&dpubid=168237&abtst=adxsub-out_vA!adxsub-out_vB!eidc_vB!esv_vA!pl152588-649_vB!t120!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fthesun.my&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
50ff8c1abec5fe06e6a3fa3d536c3f6a264d87dea71c314377dbd6120c20873b

Request headers

Referer
https://thesun.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 16:09:14 GMT
content-encoding
gzip
server
nginx
machineid
1474
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesun.my
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
syncframe
gum.criteo.com/ Frame F4E7
2 KB
1 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thesun.my&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c36563bdbe152010043cf4e53ba9644a3b0547455bbbe1f8a90a451caa4c67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thesun.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 16:09:17 GMT
server
Kestrel
server-processing-duration-in-ticks
272602
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.148.js
static.criteo.net/js/ld/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.148.js

Verdicts & Comments Add Verdict or Comment

430 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 function| refreshPage function| closeWindow function| unloadIfExistsSWF function| unloadSWF function| placeSWF function| getTeaserId function| goVisible function| loadJS function| jQryIter object| ITR_ARTICLEVISITS function| getPollResults function| ie7HideMenu function| mouseOverAndLeaveToMenu function| thirdLevelMouseOverAndLeaveToMenu function| megaMenuMouseOverAndLeaveToMenu function| menuCloseButtonsToIpad function| prepareMenuJs function| $ function| jQuery object| html5 object| Modernizr object| lazySizesConfig object| lazySizes function| moment object| ITER object| _comscore object| googletag object| dataLayer object| _taboola function| gtag string| canonical object| options string| date function| _290597253_cleanKeywords function| _290597253_onClickSearch function| _290597253_onKeyEnterSearch function| _287889876_cleanKeywords function| _287889876_onClickSearch function| _287889876_onKeyEnterSearch number| innity_pub function| innity_adZone function| innity_postbidWrapper function| innity_append_iframe function| innity_write_iframe function| innity_write_feedback number| innity_zone object| _iampt object| e string| gInnity_auctionID object| gInnity_zone object| 17055077417751fbf6a912ad1a string| innity_pcu object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _typeof object| TRC object| _tblConsole undefined| msg object| COMSCORE object| ns_p object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| google_measure_js_timing object| pbjs object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_148 object| Criteo object| Criteo_identitytag_148 object| _33across boolean| innity_top_bottom_serving string| innity_uuid string| innity_exclk object| _innity number| google_unique_id function| _4053490349_htmltabsReady function| _4053490349_getTabsInfo string| recentTabHTML function| iterNavTabs object| 17055077426844f48cf13a0719 object| __i3 object| adsbygoogle number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| innity_adZoneAsync function| doLogout function| LoginForm function| loginloadSWF function| logincreateIeObject function| showError function| showWarn function| showInfo string| urlService undefined| unregisterDialog function| showUnregisterDialog function| checkUnregisterButton function| unregisterUser function| enableSendButton function| onKeyDown function| sendReminder function| drawForm function| drawEmailMsg function| popUpImages function| showSearchBar function| anymind function| sharethisButtons function| facebookPixel function| headerDyn function| searchDinHeaderShow function| hamburDinHeaderShow function| addsToHeader function| headerCustomTags function| init object| el object| $jscomp function| $jscomp$lookupPolyfilledValue object| MAS object| _qap object| JSON_MAS object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| MASStatsMgr function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run number| taboola_view_id object| firebase object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmZiZjdlOTRlOTdkODJmNWxvYWRlcl9qcw== string| NmZiZjdlOTRlOTdkODJmNWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady string| nam object| placementData object| cmTag object| _cm_wfCounters string| lastWfUrl object| webpackChunkadUnits function| Zepto object| Backbone function| startCMTagMain string| category function| OvaMediaPlayer function| fbq function| _fbq object| sas object| adloox_pubint object| anymindTS function| startAnymindTS object| PWT object| atspbjs object| apstag object| anymindTSApstag function| ptag object| GoogleGcLKhOms object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ function| owpbjsChunk object| owpbjs number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent boolean| sas_blockAddtlConsent object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| intervalCounterNumberGPP2 number| sas_renderMode object| adbro function| adbro_init_function object| location_cached object| teadsscript object| atspbjsChunk object| mnet object| _aps boolean| apstagLOADED object| apscustom object| teads undefined| __gpp boolean| gptRan function| loadGPT boolean| props_sms_script_is_running boolean| props_sms_gtm_is_init object| listGptDirect object| sc_jxos object| script_gtm object| script_tag object| stylesticky object| dv_l object| sc_l object| dv_m1 object| sc_m1 object| dv_m2 object| dv_m3 object| sc_m3 object| dv_m4 object| sc_m4 object| sc_m2 object| ft_sticky object| cls_sticky object| dv_sticky object| sc_sticky object| ft_stickyexp function| closeAdsExp object| cls_stickyexp object| dv_stickyexp object| sc_stickyexp object| dv_oop object| sc_oop undefined| cVisitorId string| cookieName string| cookieValue number| expirationTime number| dateTimeNow function| propsInitAds function| addDocumentToWebsite object| google_image_requests object| criteo_pubtag_prebid_148 object| Criteo_prebid_148 undefined| myCategory

48 Cookies

Domain/Path Name / Value
thesun.my/ Name: ITR_COOKIE_DEVID
Value: b16da1a78e015e285e1103a392fde05f0f
thesun.my/ Name: ITR_COOKIE_USRID
Value: b16da1a78e015e285e1103a392fde05f0f
.thesun.my/ Name: _gid
Value: GA1.2.1461412138.1705507742
.thesun.my/ Name: _gat_gtag_UA_23981916_1
Value: 1
.thesun.my/ Name: _ga_KL5X26DVW5
Value: GS1.1.1705507741.1.0.1705507741.0.0.0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 2bfaf72c-6d20-4ce0-aa9b-cb40403fabf8
.thesun.my/ Name: cto_bundle
Value: lg8GV182Zk9Ha0RWa1hsVkNXSXlFQ2NydGVrYkdma2g1RzhBWmklMkJxN2VZSDlmVDBEYkhpTFJuUG50RTUlMkZXMzFmR2JxbmNYZWROMSUyQk9IZHNMaGhOYmwyJTJGWk83eTRLQkZmWE9DUDUzSENIcTVkUnVXQXp3WEVSbTYyeW1yZ2NOJTJGWUVLQ2hYJTJGdnlyUmVhUW5ycUUzTTlLaXNxWFElM0QlM0Q
.openx.net/ Name: i
Value: 7d16fc54-16d4-4eff-a1bf-d1239f5cea41|1705507742
.innity.com/ Name: iUUID
Value: eee5a53396bec803fac54f48b9927b16
.innity.com/ Name: iGEO
Value: DE%7E02
.innity.com/ Name: iSync
Value: 1
.thesun.my/ Name: freq.5e661e8b47e7043d03000003
Value: 1
.thesun.my/ Name: freq.5f462d2c47e7044a01000002
Value: 1
.thesun.my/ Name: freq.65279e2647e7041906000000
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkQAepb-_bxzmdAe8hCZR37x8CNzUHR_WHA6t6u-OztXnJpR-EXzIyfu0yHN3M
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.thesun.my/ Name: __gads
Value: ID=eb2c3f474231acba:T=1705507742:RT=1705507742:S=ALNI_MY6R86ePM097VTq76-QmvOHMEZjpQ
.thesun.my/ Name: __gpi
Value: UID=00000d4373205f8f:T=1705507742:RT=1705507742:S=ALNI_MaOMvUEc1VluNyGatQCEivBJclPuA
.thesun.my/ Name: _ga_SY4JJ4KEW8
Value: GS1.1.1705507741.1.0.1705507743.58.0.1449357186
thesun.my/ Name: _pk_id.076C0FICOSYDT.b9ca
Value: 6b389c94556e0595.1705507743.1.1705507743.1705507743.
thesun.my/ Name: _pk_ses.076C0FICOSYDT.b9ca
Value: 1
thesun.my/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D3acb5140-5884-4e50-a855-35abe1f99ad7-tuctca1811f
avd.innity.com/ Name: geo
Value: EU%3BGermany%3BDE%3B%3B%3B
.thesun.my/ Name: iUUID
Value: eee5a53396bec803fac54f48b9927b16
.thesun.my/ Name: innity.dmp.0.sess.id
Value: 100861973.0.1705507744376
.thesun.my/ Name: innity.dmp.cks.innity
Value: 1
.b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/ Name: freq.5e661e8b47e7043d03000003
Value: 1
.b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/ Name: freq.5f462d2c47e7044a01000002
Value: 1
.b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/ Name: freq.65279e2647e7041906000000
Value: 1
.thesun.my/ Name: innity.dmp.0.sess
Value: 2.1705507744376.1705507744376.1705507744649
.googlesyndication.com/ Name: iUUID
Value: eee5a53396bec803fac54f48b9927b16
.googlesyndication.com/ Name: innity.dmp.0.sess
Value: 1.1705507745217.1705507745217.1705507745217
.googlesyndication.com/ Name: innity.dmp.0.sess.id
Value: 100861973.0.1705507745217
.googlesyndication.com/ Name: innity.dmp.cks.innity
Value: 1
.thesun.my/ Name: _fbp
Value: fb.1.1705507745723.1638080968
thesun.my/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adbro.me/ Name: uid
Value: 5b62732a-91b5-4dfd-b112-6dce1eb6058d
.gumgum.com/ Name: cs
Value: true
.thesun.my/ Name: _ga_J8TZJ65FPH
Value: GS1.1.1705507746.1.0.1705507746.60.0.0
.yandex.ru/ Name: yandexuid
Value: 6740040591705507746
.thesun.my/ Name: cProps
Value: 206abc1c-6ede-46d2-b572-14ca26c99356
.rubiconproject.com/ Name: khaos
Value: LRHZ9Z3C-1R-KESA
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq5UWpaUKGtp14C1LCtWBX9mfsNIvv6QtqRoUZOq/XfJiADHy4ydGZVTgt1Uqtrfaz5EtU/8Rsq2qFxYeYqSmnoIZE5xoQF+eG+xUA9sgf/4dzpQ7vzkXQ/
.thesun.my/ Name: _gat_UA-237453437-1
Value: 1
.thesun.my/ Name: _ga
Value: GA1.1.1369426925.1705507742
.thesun.my/ Name: _ga_2BZPHNQNTD
Value: GS1.1.1705507747.1.0.1705507747.60.0.1553088393
.thesun.my/ Name: _ga_WHWXDD9CJW
Value: GS1.2.1705507748.1.0.1705507748.60.0.0

26 Console Messages

Source Level URL
Text
javascript warning URL: https://cdn.innity.net/admanager.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1705507741775&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65042&output=js&flash=0&url=thesun.my&width=300&height=250&vpw=1600&vph=1200&auction=68d5f0a-b44377f&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.innity.net/admanager.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1705507741775&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65042&output=js&flash=0&url=thesun.my&width=300&height=250&vpw=1600&vph=1200&auction=68d5f0a-b44377f&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.innity.net/admanager.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1705507742684&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65046&output=js&flash=0&url=thesun.my&width=160&height=600&vpw=1600&vph=1200&auction=68d5f0a-b44377f&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.innity.net/admanager.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1705507742684&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65046&output=js&flash=0&url=thesun.my&width=160&height=600&vpw=1600&vph=1200&auction=68d5f0a-b44377f&u=aHR0cHM6Ly90aGVzdW4ubXkvaG9tZV9uZXdzL2duYW5hcmFqYS1zLXJtMTltLWNoZWF0aW5nLWNhc2UtY2xhc3NpZmllZC1hcy1uZmEtZHBwLUdCMTAwMDc0NjM%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=13&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=14&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=12&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=5&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=1&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=3&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=11&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=4&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=10&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/4294969?imp-id=9&target-ref=thesun.my&ssp-id=10500
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://propsid.b-cdn.net/json/thesun.my/blocklist.json
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
adasia-d.openx.net
adnetwork.adasiaholdings.com
ads.eu.criteo.com
ads.pubmatic.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
anymind360.com
apis.adbro.me
as.innity.com
avd.innity.com
avd.innity.net
b5ed6b08d212f51a894e8d37b689abf3.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bidder.criteo.com
bs.yandex.ru
buttons-config.sharethis.com
c.amazon-adsystem.com
c.ltmsphrcl.net
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.innity.net
cdn.iterwebcms.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cds.taboola.com
ced.sascdn.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
count-server.sharethis.com
csm.eu.criteo.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
imprammp.taboola.com
js-sec.indexww.com
l.sharethis.com
lh3.googleusercontent.com
mas.protecmedia.com
match.adsrvr.org
media.innity.net
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
optimize.innity.com
optimize2.innity.com
pagead2.googlesyndication.com
pips.taboola.com
platform-api.sharethis.com
platform-cdn.sharethis.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg-apac.smartadserver.com
propsid.b-cdn.net
region1.analytics.google.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s3-ap-southeast-1.amazonaws.com
s3.ap-southeast-1.amazonaws.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssfpc.thesundaily.my
ssl-avd.innity.net
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
t.teads.tv
tag.adbro.me
tags.crwdcntrl.net
targeting.unrulymedia.com
thesun.my
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.thesundaily.my
x.bidswitch.net
static.criteo.net
104.18.35.167
104.18.36.155
104.18.38.76
108.138.1.25
108.138.9.235
13.248.245.213
13.32.27.75
13.32.99.21
141.226.224.32
141.226.228.48
141.95.98.65
15.197.193.217
151.101.1.44
151.101.129.55
151.101.193.108
151.101.65.44
151.101.65.55
158.101.178.245
178.250.1.6
18.185.180.173
184.30.20.22
184.30.22.30
185.64.189.112
185.64.190.78
193.108.153.18
193.47.76.44
2.16.97.41
2.18.161.51
2001:4860:4802:32::15
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:4860:4802:36::178
23.212.201.53
23.35.236.201
2400:52e0:1500::868:1
2600:9000:2156:6000:1d:85c3:6640:93a1
2600:9000:218e:4a00:c:abe:f440:93a1
2600:9000:2250:6a00:a:e047:753:a221
2602:803:c003:200::51
2606:4700:10::6816:30fd
2606:4700:10::6816:3556
2606:4700:21::681b:cc59
2606:4700::6810:5914
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:808::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::c
2a02:6b8::90
2a02:6ea0:c700::10
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3601:7d46:bd77:a0a1:96
34.102.146.192
34.120.107.143
34.120.63.153
34.98.64.218
35.157.101.217
35.157.107.95
35.186.253.211
37.252.171.85
46.228.174.115
47.243.203.231
47.250.11.143
47.254.199.63
52.219.40.242
52.219.40.37
52.49.23.84
54.171.230.28
54.75.58.229
65.9.66.92
65.9.66.97
69.173.144.138
8.218.26.252
81.17.55.160
88.221.125.39
99.80.55.123
99.86.4.128
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
006a1f60603edcfbe8bf89915ffa4b14d0fbe12b5b58a0901fdb6f51ded5fc85
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
03f0dc5f7297d24a14f89824a2288d1f75f2c27919ce0ac8033f84a4df8b7d2b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04ada7181cd14d118a5ff75a6e27fd9d140ded3aa8910ac0392a125486cfe957
051b1cb88ffa0a40cad90fb5652eab8866ff72cd05d8c7763cf46b56577734a0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058062d4aed2b18b02c66fa39195cdb5024a2d404bb8a52fde083a59fd5f89ec
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ee8213b1028d7761f47e300295a19c3640c3bc9b7c72c58c6effa50179025f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
093f8d663a73e5760f8297b887f749520bb7540fd287e7f37c6969b0ee912a6b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09f7dc31b1a1d2f0dcf49f8e4b1779b5cfc564cfb2805d51ff1f2f2ed2a5b3d3
0ab560b2054c261dbecc0c28aec8c9c9dfdbcbd25f3328405e93629853b61ad8
0c01cf3f9e7cb6c3b93b590ad2e77146f4dcae1434d72ed0ae9740c1c1262d46
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0cde4e89ccb69aea1f97b22b1fb50a34393079f8677ac5670faec1ced2a9267e
0ce49c63580738406cf9dde96aca7fd4590b863d0206d274178765078ba47049
0e1ec6a3c61a7364f67590dc873dfd7b1cf684800963b6f5ed0d2dbc0a830a8a
0e72117263558278201af6ada0a46b14d991419fb5cf480c17fc3152c5cf4a28
0fa47026d3afc76b533ac561e32b215eebec21111ecf09633e1ed97aa4a3af35
0faef7215ac77c2d6a48dfa91a9c801267f9bd11dceed69733eadc6a15735c88
130a89b5c917a8d2b7fe8f2550131d51a36848690604003e20a471ace373337a
14d67cad17c9d33c7df93cc69cbb4d5244f3b7d8d8cdb4b4055b1628dcd5e65b
171a1d48baf3c3548f653d4e06c7f2ac816da0aa587cbcb152f3b73034dc1cd5
17fff0e8c08b18bc86d19894e2844e506c17c7c4d1bd379e028c08968a221a8f
1893cec2a38d07dabe9feea27795448865129c9ed4a79569b3f92610650aef57
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19d7405b9856b0dd6b4aed0b4054ff8c855865c62be73e52bf519f894df29ab8
1aba0ac1c69bba2a8057b9e9564b302bdcbd059b864e8f370874220e3d0af8ce
1ac0ce33552db923a7b55580a0cb05de9fabddd4054e9436afd9e259a09c177f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b1997cf0a1e96bc2873304ee23745ae7e9f51f6e5e556272f501f1e182763a8
1c1a6037f2f27ee6b37ff438c5cabf1a23cce7cce2aa5bf1e8a9de014a660bb5
1d9c77f1f08bdb145365f8e62acfbbaa6740b4bc44495504b1a10cd54d93fe2a
1e95a96223d20389eec4b2e191950f84fa5e14acdb98dcce20337c1cbd38df13
1ecae7ee37f515d53d8f9442c2c730393b55cd07411adc3ff046ea59f44f717f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
22ae07cf2231ef7b8c676783c322d0eeedd6913e9f0910c2de8d10adf3074578
243c46ffeda13560879aa749f78df1a921a9c2a5ab147a8a69535aec40713d8b
25ab27d249ad15240f3da617e87d6fc002b7190ced7b123569f22a290df7083c
280d9680e16e1ad97b29049c284e11537821b737db288039817debb64f13e215
2abeca61dc6cb9b1e029ef52739f91c22a586b7cb0dde9a72290cfd47cd045b7
2ad84feb65f95dd25941c0e5cbffc09ff01b2475109123cbff2a25cabbbd391a
2c16c8296ab71eb861dabd7a644527900c6a2aca2beb2c4aab496a039ac11ed5
30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede
3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
337d1faf3071a595281b4aa1576dfb816077055db421988197191e999a15ed5e
33dcbe05f569c958c84d28f3b2a2b4d8af48176b4973806b7ebcca422f64b58b
345c9e00e0c9e2af71228159d1bc6c36e8856b8e4df8325877211828fe858204
351730eb707be16c49853b8c1cd1f8784bd1266a780b4eaa3c2a852f4b6d2a2b
36a8bc93c6d4a7cba80814f615030e5dd17c2583a07b2a9866df9ba43e830143
36b3ef184d4bf4b8528f6be1e38afbe0d4de311b4852d1bdb2b4d3ffe6e6329e
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
3855c09c3a15ec91465519abe9429e75562b6b2f1ae058809b86ff6084b6d651
38acc03107871fdca4db68bed1060c563f60faf56b3fa457d912af43cd70fc89
3b0d9f22f5fb1317e8b9a3a98b10e28dd253c81f807745d964a45b34fac6a600
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c688736ecaf95c6c36b49c0eb05ea4e59bdb2cb74f049fcfb1e63f4856af8f9
3cb1ac9f644d57fcd87a9671c9a3a6b63dbb21aa92aee07718dd0874d7fc0696
3d55fabeaf35b51f02912561c2bed1dd5abc574536f5bf4d3e4b72950e5ac14e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
3e5625cc815d767588a68b7db4993987c7344eaed8ab68476a7571ec4559387a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425cb057b6ae2dba9ccbb3987295ba680a072ee0997b23c5b87b5b83a8bd195d
434d777ca4d1a2b4712be0f9f2747d871b778b6d833a3241b7de95c69d43472c
43bc6e0a3ad31b901cca8daa150674bcbcf50f7459081e74682b9cedaa52974c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4457ffa97145d2b7fd35811a71cb5e04cfa0c1a09b01015985d252e42f352e2d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fbda9a97367cc61046dd658da965a26275b1aa2ce7249a70fe1c53abd77396
47008fbad7ca668c75006404b38653e743a3d711b493b22a3997411d86d48622
47d28f2d8e65dc2ee8bf14064d39a5915f75fca7c1c91b922f6955fe7fc02f68
480c1b1d6d8bd16724ea60900ff424216ca8ba42cfc1133bdcd4197e7254dc35
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e7e3144309053c6f7be2b3787f64931de04e7b782080929620ec1f9edf3873
49e8e879fc1cfe1de4eb1e19de9237c8254a455f47215b12417f6977f4dd9ade
4ac28f060464a9c2a7beea74360934edf0fc235d344a76a3037a790a4c822ae8
4ac9d4d153e71e993663b8c68942a1c53c272e0c54d0eafb1f6a87526c480df5
4c7c9bd6608d86b9f67977d25e645cb5d4e5ef8ba95de2a3d719c8de7e3347d0
4cb763bc5d7e945711d0d89656c54d20307d0c14c9b8845e9bcba37319155601
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d3fd7b54daa426fbfea320bbaaa7c63920a099a55009e9ee951ecc567ff7b9c
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
4df769208278724f884dd039f76860f619d97f908d6c910483ff2e9ff2af1c62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155d10b8c246ac7664b527cb2d3ffd700a0eeb3d0fb8dca5dbaaacf29ff566
4eba0d268a328eb6a11b8b564820792344363d46ec02f74ee7d738c80d644621
4edbec098597b69fe06e29284df24227c12c5a87048fe44ef6243017931f6acb
4f3a21b94730cfdb31d07af19fb375d60f58deebda84da82411b7ea2ffae1538
504a4e1f88b4e0516fe561352b7a5583edd6537e59e03fa2664b62561735aafb
50ff8c1abec5fe06e6a3fa3d536c3f6a264d87dea71c314377dbd6120c20873b
53365de4339f9c2411e9bb1a56364597003ba69684c3d79182cbdb3eb64b6e60
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561a650ea8fb0e35cccbdd185618415b21f60c78cba87c38d75ce2855257e725
56bb17daa81fb37aab5dc53cee8886f9d7676490058e430f249b138a4485a6da
5c36563bdbe152010043cf4e53ba9644a3b0547455bbbe1f8a90a451caa4c67d
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
5c75d583340c5c278c46b26f25874f7d767affba762bf08fdf18ba785011b6dc
5d0d2e62c56e5192215d40a6562530dba8c0d7293e904ec7fb6683bfb1d0f82f
5eb9f4a7df02745fe67cb8ba11c01e42797f6593727512270506d40f94d0c7d0
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
5f57f565c4c7279430677734ceb821c0150a786fa2f370ae60072bb3d6e61cbe
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
5fbaa9ddf70a56787147f1f65d0a351c344a9fdf4f64aa45ad608d53b63174eb
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
60f52d034d5da2c2451a148186beb02c2f464cfd53c5e8bf09c804d3ff1c6ce2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b1f88090a5c27653ef2592252bb360fd75b303b5c1aec81ffb3c053161d195
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
65f19e259ed91ced7fe92470696089572d6fd6e3fe91d365ddfa1fb589c630b4
684644849f4a1bd1cf92ecd86a521c183c1afbf95ce55b6a6cdbaa65a217005e
693e102d7c8e34fc497f3172a2010feae6d5509babdc4d9d22c627b38072d2a0
69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ac8d06870be3a22f2f5e8be165018750d04e81f201747889d94788bc7d233f1
6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e
6f018dc4df655753e7b942b8bb3f6eb04a6b7d6e162f184529a97c8ddd209204
702ecd49a02e24f6a8cd90db757f3da97673e55f9d64a5bd97de20c99921e440
725738f887a00d725239f9508e87e5e6019e4b092cd3fc778353df1d7d297c0f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72afec3698db07b794eebd045a464c969c7e4a0fbbd7cacc64ea63a41c2554f4
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7492a07a34ea15ef1f53a62f24747b2b851e21da4c08b47e7b641cbc3149a02c
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
772d2eeb93eff2e2a6fa3f926d81851b15e08c3a05b8d616de381e5a8bdbf476
77b16a4a85961955ad93aa9acc3d33c3a5adaf57642b76abb9cbc28226354c05
797d18dd5b7ac8e4cd1d57fcced7ff0cc8a3dbd174e451bd2b7d09dd194d4b4f
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7a6b8a6810bc6a0168091d508b0e907b920161fed432c55bbbb5129edb16b040
7c065d0e9608ec56c2a5c90d2288d455d2de645bfe0e87adfb975acc402d5c76
7c9ef352fc12c3e51a9d23acfac35d271222260eb4d61c91c95c95fbb7c82135
7f6d89ed748d2b8e1b25ae5f59d8a5109c8da9084c7131c510cffabeee01c738
7fce7c7ff4d31caeb48fe0f8ca462df64dbf03dcac8251d26145691c69ff637f
8116a189a195c3a28dc5c7268f3c147f938f7abb26100eae3f93e7def362775e
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830cb3da1985ac08108018d9698b526e6f93ad075193bd1a142555cf70bcb308
830f9b2b1e7cef76f805e9a1e77458e158b766d79e59031459699b161222de59
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f0ea3b2226011e7bb03d720b74b7a84c7d9a316fdd86fdae14f8412f300c36
8689e8982cb3a33ed0920a4d0ada44ea56a75ee734088045f64fb1b9293a5c07
883e525ec3685f0cb9a1263de1ef6b79fb3064a4222428eb71cdbd7a9bf4e952
88d6496cf7f3cf09daa65d1d49d6fbcc9ac52121931779ed040fa7fe94fd98f6
8b4b20f6dc2dc175957b8f2c82124fe8d9d7aa39f74b5f518a807a107df1c984
8bffb9d8bd43de44cc1dc1f5eb082ff3c5a9e66d2398e40bbb4ec5ea5a8c428a
8c53499e806502865188f4744c53ad5cbf60140fe197254ffb9fd6a2d4fc5fa5
8c9e788a177a5d3163318c3e2aa7cfc5671c363f7c58429d5c01db287f1c0e3d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e559ec7957cbaa1fd88ffb700f2a35401bab94f686cd5d3198445177d9697dc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9166f512c27a1b68e880e4837eb3ce7291e8699d5c214cc1699cc181efd11699
92ad632cbc67af32998d9b07a4af5420b47efee300c76f67861816ba98a5070e
95767e63cd01709ecc9ba635292a11c5deb22f78cf4210a97698ab7c8392f112
95f6b74dff3c2ff6913590cdb45b955528e9771e813f90799da66708c45ab260
98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8
9e6c8597ca3c472944eac5d26f4cd193e3e78257d74c5ecd4c4ab0f32fe81e09
9e773fec2e08baf2f3853d290a740be45d9700a208a619021934a3c60801e790
9ed44be97f6447d195f104e84e8b0e41012c37b7910b0c98663f1434f5dec66b
9f0ed2cae9c9d417843094637b59345557d8fd859965a8d7f21684c0f7947a40
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06c5a7910eed361c70a9cb9b1cd9d46383201166baf8532e05bef33c865b488
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a115f817f2bd8c8be9c52fe5224dfab831aa8e68b3118c67bfa06f7b26eb4c1d
a2d7b80b112a3c015bc60b173dfb97edb97d4a056fba0af7e07d420f7b9adff0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a579ece73bc58f0116712063b534563b7648f991bd109e62255094863abe4b99
a600ef03752b6b35f4e7b8aaecf122b8a29c2d5e5be5dda1466e64ca2bdae52c
a611239b0171e932d983c83ed344b300a539371827c8773d3fee7e914f84359c
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7aec82c84ae07dd8511acc61f2a6d5203f615819e3091eb703d7de16996263a
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9a38d50de9f4fd1650d10c48aa62677962f5da07dcf8942a75525b6fa4567ea
abc3e5b7c4f477ff2289ebccbba4d30443495451f9a51c7cb7bd5fca87fbfc4f
abe835f857e3a5616be778b677a40f00b692bec42b5cb6bd742577790d82cf38
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
adf19070c11a79abb5ad4d88f58c000ccb2960d282171a3cd91a45df6eb8009b
ae4c516b0c7dcaff00b626773104e5907d3827f97fa2a2f9ff8b88de41b69934
af6b5d68eca4987596ec8077f7303b40793959dcb6ff284b8f84be82d5922973
b0aa9e20eb139653a669332f164e1db0cfa7efce8e65b1767a44421c9b9bf4f5
b0b0691729750f6d160cebaf2dd98af7ba18d4fe2d260433b79161ee76fa2a25
b41bd12003814e69c0fd0fb82bf2e9c7f52424507d9fab42ee9f6f3923d11e23
b703243393a0862dcc95f1433f3de1225a53ba10bca646ea1787473d3fa28c94
b70ef18da644509d958df364541738ac6b910f8fbe3c2d33a52ac29ec2be4f1c
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b87e6b848d527a101755853fad5777cb4e6380e7b2a8ee390711dac2a4222c9a
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485
bad8cdf07954efcbb02d017bf79c1ac5916059f68d6e6b46cf9d3fbcaae5c998
bb0d5ee963c4d984ef47af7cd3a2bd39294479bb3596cdeb28b4d2df5f953c76
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8d6dd71a47968d46badb8033c0ccccde6f4395761a44a7cb6e5930519c5d29
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd341f27e904052486412b96e0ca71a49501b74f82fde318cb3d8f197e78520e
c03c8c81ec732de22eef38a59be9d9eeee0416021f88d76934093e7ad6676255
c076552073e3280941ecbe50f83104765b9b30970316a206585fe9f7446fbb6f
c0b008533de20649e9cee5d20770a5631716ee56164bc7c850e590712c31e0e3
c10826263509cfec1ad0e4ac3114f07e567248a79054f34c1eba79ec26f01158
c1208a0459d6d88fd75fc08b62835ba9eb4bb4e7f5fcc6fd4828c7716a8e48ec
c1c5c7e983fbdafe64a32a6c98d1ab75895b3100504c9f73f46b5fba6187f681
c24b5bb44b2f3b368af8dd409ecd821ca7c7eda49203d1cd39be2c026d920b4b
c2cd01af6344eeeed32024af6f1396ecdee368faff5d4169f6969ff87c653004
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c742aff416f5e72b2caeb48fb4e07788a46b1a1180382976bb6ff004488090c2
c830b9091377eee7ca4d99a12784e19e1edb55bc327eaa977f8811a50fec979b
cb3abc90628dc46498869365df7c81fa012d69f80058fe6e0a9f8fa89f41a5aa
cb3e3395d2b42ced908b66aa47fe64d6c3669963a4f653bab216b185d0c6bc33
cd3781d6a3a8ccc498fad88b4858166b055e1b03be57655019419c8e39732a3a
ce1801f11910c7cbb7938b3f635ab9e4d6a3e0d5c67d3d087fba0f2cd3db94fe
cefb1aaba3d3802e8abdfa1eb82bea0bdbd02ffe6ee6c6096ab1b705bf51dcc6
cf36d17237615ce95ed79ee386d22d47d96782c3d77b9ca35beda3878e516c9d
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
d17dbbdee3e5aad95afa42ced9fb9c6f97b25e78af823d81d895f6edd2bfa286
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5eac7b8dff91f6617a89f76b08184277c22ec9b8939912b9f03f0002ccd46a5
d60ecff8aee39b4ea3fd8d02ea0426d4099e4e593c964f054d2bc9a21d2a8116
d70e04af046ba5fc33949e04e1b673fa261f033aee8fa358650d84cf957daffe
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d93c365c5555a6ad59e69530c20607440b8009b1eb1b5d30f42e165107c8616d
d9947a0d34bb7791699252756f8a742be6c0b169ac673bee4e0a93bc7cb565b5
d9e9dcce4aab9694f3289223a7e5489e166f265498c7109e5a4f021f953b31ae
da2963449859c331dc341c7c604208a42c75760917d045d278dcd9da358359f7
db28c5376dd22170839ec007b395a68bcfb753c05b4869a5cd3f5340e5a4bfd9
dbb2a99989831a55296a560c113b27a02a540112aa8f91b34d0ef85715fc405e
de1b0f9ba87e29d9261e3b7d08f591436b83ebca54cf3e58d33b8df004a4f713
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0e249f066b2246c068d0869a49a1a2b8f1864685e4e55d392ce990ab1ba20f9
e1a95b020c0b7a75f9b7e3fe41cb315bf65559593b2cc485decf986edbe39f7f
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a
e3ab0ee388c972cc6e2c2003d9be8a8dd878fb6028257ffac6111362a1c7452d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b1213f49ab58534490188196fc12a7c6be2c062d24bf31203a635058996c8d
e73d30f01ee8f986b061bab0895b1c05964d7d2906f353ebde1e97acf87d856c
e7791dbb0dadfb45f9b1438c94ab8e0a8574eaae376cdff6d793ae097d0d7d66
e847fd556512e5b37f566ef6f5579fa6f2aea6383fa67a6377eb08d23dcca188
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e93cdb31b4ee57d013ecc7ce11ea97c9c8246302f5daaeb713412bacdd514dae
e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963
eaa38e4cddb8cbb0440e3c8bfadfb6b2bf35ee5836b8b85d23cd0b3a0f6122a9
eaf63232990695fca5bd7c545433ab78716d18888981e52af49636e8f7f11e84
eb682082174a781d6cf6e9471c42889e642bcac4791548d6ad89956facaa47d8
ec415ac8686169413c9f0796e31dfdd983fc132dec728380c9584a60c0ebf717
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee052f31434a58a1ab8ba03cc8d6855f92333384310d58c7da919f70ca514b32
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
eee6d6cc4d888c51bfdd240608d0de62e555ee4a610acd51abb18ab37f2fb48b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
f2a1dc03557016dae46b9b57e5abffb9c674fbd2f6a983e89f2b0a5b876db883
f3e7b6b79d1d8ee931d157927f8e653279a8b72ec7b4b2fce43683a02229000f
f3ee3452ae1fc68639f31d9147cb5fbccf0e04dfa4f12d6845ecc498b5d49fbf
f49dd7cfb82a2228d646c8ec68e9c6c19dab3566655f196aef893b4134b3f7f6
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c409264f8fe520409571834803643b08e466a5c719bdcc9bf00ec35cf4a5c6
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f78d287b6f09ec1d12a4d7441180fd68c3b170e0c62317a0aabcaf6631d14827
f7c7cce66953f74b522c42302738a76575ba2ae2214b96a01e07626d0397160c
f8789be6fecc9a96c3d3d6c73d5df021870ba7b31a72d7e8addb11ff88ca7419
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876