www.malaysianow.com Open in urlscan Pro
2606:4700:10::6816:212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Submission: On February 15 via manual (February 15th 2022, 3:35:44 am UTC) from IE — Scanned from DE

Summary HTTP 180 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 19 domains to perform 180 HTTP transactions. The main IP is 2606:4700:10::6816:212, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.malaysianow.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2021. Valid for: a year.

This is the only time www.malaysianow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700:10:... 2606:4700:10::6816:212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
19	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5 14	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
180	25

39 2606:4700:10::6816:212 (United States)

ASN13335 (CLOUDFLARENET, US)

www.malaysianow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.malaysianow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.216 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Baienfurt, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	malaysianow.com www.malaysianow.com media.malaysianow.com — Cisco Umbrella Rank: 795707	705 KB
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120	453 KB
35	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	770 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	259 KB
15	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	142 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 31122 hal90001.redintelligence.net — Cisco Umbrella Rank: 253307	10 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 46456	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027 www.google.de — Cisco Umbrella Rank: 6342	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 70137	17 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 65528	628 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	38 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	418 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	36 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1184	5 KB
180	19

	Domain	Requested by
35	cdn.ampproject.org	securepubads.g.doubleclick.net
25	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com www.malaysianow.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
22	www.malaysianow.com	www.malaysianow.com static.cloudflareinsights.com
18	securepubads.g.doubleclick.net	www.malaysianow.com securepubads.g.doubleclick.net
17	media.malaysianow.com	www.malaysianow.com
14	www.google.com	5 redirects tpc.googlesyndication.com www.malaysianow.com
11	pagead2.googlesyndication.com	www.malaysianow.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.malaysianow.com
6	fonts.gstatic.com	fonts.googleapis.com
4	hal90001.redintelligence.net	1 redirects fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com hal90001.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	www.malaysianow.com securepubads.g.doubleclick.net
2	pv.medialead.de	2 redirects
2	fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.malaysianow.com
1	ad-server.eu	hal90001.redintelligence.net
1	pb.media01.eu	hal90001.redintelligence.net
1	hal9000.redintelligence.net	fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com
1	www.googletagservices.com	www.malaysianow.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.malaysianow.com
1	static.cloudflareinsights.com	www.malaysianow.com
180	29

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
t.me
twitter.com
www.youtube.com
api.whatsapp.com
telegram.me
media.malaysianow.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Frame ID: 3B752CD5E539470989DD9120D7B4DCE0
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20190131/zrt_lookup.html
Frame ID: F3D4560F6E19E15A4141A8732A88F976
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3590853924723071&output=html&adk=1812271804&adf=3025194257&lmt=1644892917&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644896140067&bpp=19&bdt=1264&idt=170&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4737996033974&frm=20&pv=2&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062423&oid=2&pvsid=3316557274000083&pem=334&tmod=436060942&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=188
Frame ID: 18BD9DBAA39563FE5E0EDD2B2B64E35F
Requests: 1 HTTP requests in this frame

Frame: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0FA279028BE3F152AA2758BCADEDC951
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 668A88DA7F530B94C23B548BE55A2420
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 947A5A8A22EFEEF821194BDC4C4E1355
Requests: 2 HTTP requests in this frame

Frame: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5CFC45CDA796AA0BA6F256ED4EB52A31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNXknYPucZSlI9L5RTYkql5aMY-6mpbgBK118HxN1xb0KHuIOeKyt-WJDwqvoK3r5FohV44xsbww_Z5dOrMBYfpX_2rxxzAxs150GqQy2GVJQMp0R0zKBSKbOWZCULRHFlbGYYdSExFy9xI2LhamqNdQ25wrz70PZH_ufVL54ZSk7SNmpKk
Frame ID: D16D0847EF9FA7A2D8A45C1B0F83DBF5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag3IFvOLXGghTpHWQzmGppOH5hOmILKfpO2Imb5tTexT1578vCJ9bDrJoo0HZOzQ2KpaC8flBHYhhe2fIvTVpmOOiMYZVwJH1n8GZjj6B9EXEnSALqp_rKapBnAJzQEcBfv5NLZG5MXm20SRRtpFvaTn9akw&cry=1&dbm_d=AKAmf-CAKhiEA5EExpvLo5mPkoWEP8KbHM1eLGDsGPQZKsWOHBNdrJF9dSjaYKi1ItD8wdrhfeeDsMb1utufP71HLRUKd_O5EzHGW57wMyTa3DvxhZx8oolhrb3ZUirqSGDBOuv04yWZYimFi3jmHbpz9DMV0LRR-MX5h8SmoM_QtTe4KdmbtXw0q69XG-i3PAKMW1V84B8UwvTFCcFh04fEkECp7mlIR_aemtoiEDuq4eDQ5voUbPrl_Yu_z-3sBhlDpajAazeTt9VkYFwrhOkcslMihPkA4pS7MFKFIYNDMadRXfIVC5Of7SKwVSLehZtcwIYaS_c-wtqLJtriN1oyio40i7NjKLgZ1oUly2pqYmHZgkhSDPZ9NKbRENG3vu__g8uDS1KuJN2X7-tt8hDVmT5Oq8okGF_dN4c7JtD4OUUfTVPui5FhalFcEBCnDOrn2TTwYmYBP03EOWrHRAUAW99SruJTq1Q-a2oh5GwzFRKtyaUW8hTSKf1BZWqOJ6V9pPrPS9wPu5lRQs1aJo74Tca6h6OpC3DFnZm99BqcXsaG2W-K1DJmgwqrcRwCCXoTwrhasKkSMhIFVeWlQ9OTzRhQ11Txrxos8ytnmzOA2a-tGUSTyZI6EMi9z6jMd2P_O1PnkrvI4UNWuD4o7H1EdAEzvRE8oOm_S3uRBc_lboojm0YZSkKJMUMiYw82oFjJiQadgW868lAanG7EKrrpQGgs-vsWtDQUJkh9Urq3G8l_yf0gzJMJzGVI0Q_jmCkxvIrIvlDdlRLIiqFaxmdrxSU04u4yBBrumfdiy8M1Nws92bWlQqhiAYjn8P_2BLaYbk2WnBf62FKgZ6pq0hjgIsk_v4O7toxxPNbxJiuicqnDg29MMMloY-v5VtSYad-5CEdmGP7qxaax-7Wk5MAJlNXR3qAx6NW8PIWvkQ3gPsqB2BRMl2wAftLNcTCiTDCRtehCYXbLqA77VM65AFOBmUiNlI3DxzbqjYPvexrXxnlPVKLc3nZEFDZzLcuL7XHhUky2Ja9FXv1B_O0IVa3EJHTCjvgwgGx-uudPM0-0-wsDcBu-HewbDNG2q_wSxbe9Ip2ae-3WPgfQjtd5MWvoBARwZKUM8N5XznKbg9Uf4Rd2BN00jgXUPhMO2Y-1rl_XoS9uTsNnLXamqqLMTv8TL5ro0gp2Xq_-lFxsDiZR02sH0foPV_1YB8x16sRslkAc1YoIXw3w06D861U8y3PHTdjB0xlzrt95-gSncd66nf24XeAMvkFSiqnBDrOwzeVVje0uTkOC3aLwMnOK-8yUjmKLiGmqXzQT-8f7v1530Ox3ubG-9XQ-smSK8bj5q6plh6V2mn1-j8CrvjKyxtgbmH2ruJ1kiuZ6NXhllht4fAIuctAAFlPKe7lwbcT2LbngoszHL7lRFqRHXr--sX09xR5WX7OL-iSGrvf-ppjYk_zleTVrY7TV897JoHWnZgk0KLEQHAK8F___8RSZcIcNdkBE4ONatjOTpygXWvsSnSdL9PrweaDFI5UVbKt1OznRE3EJ8bMWljg3Qf59i4JFkTs9BwD8wxXy_Rjq-YgTsf7YmZLaeJ3ZlrvrWCpoNn-yU0FdqjtDDOKv-6eeXzCT2Et2VH-09RnDhzrNQomzuQQeztqIQFNliTWzwyDzbN1538E15RW4fu3mXrFKF_97zpo-MkbWuWZrJW8pe6SsYWTmh4w-r7zl5XbA1Rl2Xqxuvb0wNa7gyozkbaDjQH1pZvH2-l2BZ3Va9q9PyPqQo_hM6BB87Av-Jcdo2Aehj2EwNfHo95DdFfWwqnQ7a8-iKFt6FPgOO8NiYoILZR4PQ_jHEeDuH9Bg6Yd48iZXwIqVzO05DI3LsD9X3nzjS8Z1-wzI8Ezin7BN4eouk_y2XuskxLr4YFdzhsPNXkwegquhR8-FXHgxXOqcVFJxFyiqvhGn15EwfJoABbFyoVVLRU-HZH9-LEUwPU24ZTrdA-ufgBj1pEtps5xTx5Iyd8vw1PtAb6ii0cAju8axc1EymIxCoeIgPItc9fnQ5HgIw3Pi1jFkRTztxBQ9X7EcGH7n7xYVMkutwAu7kMtQDL2ncxh_-f3upHKxbzlklt5q3kJVNZ5UpicAf-xvMTGN84qGOL_7xKEFTAX-zH031wOTaIB2DsKuygYWKwLQQyQKJ0URstRY_VIBDAPiLXW9zX8Xv0fwperF0ZS5wBy89MYPE0hfTPlF71SAn1Rjx4rDR6eLxwyhk6G_pAHiJ6UYdOmd02BImCtPTV123X9iJILkcvk3tjA129RG-w3mC06YAWJc910__WjV0A5w1tHlxvZdd7rOocb58wj75u7Vi00Req-U7enmkNfssJWQkvST3SB20WPxiYzU_PA1HGNuLnv59WuowebSMMts0SmsOy3cLtOt3Bex7llwSmNA0jFGJYY7q-CiGRN51ZhOUYYllHRkEYiYk8cCelyu3KDhWCWfnpHQU49O4vJNO9jHjbPZSYYjEZ6NYc86GlNMaWCJyKp9FI270AUmhwKdN6r_Im3PXhw7bmTQe93fkxgQxEBMMqmFEmd2DEw9iSGAA6phFVAC2I5PFyv41wKdS6MQk3cVY9-qkdfq5Sqz1AaYxcUEnXq0KXQnWketKQ739ddiGJqfXEnbWB2GauEGs1NrNfRrTyNvI6qB_pk0Df8SaCbtZ-JJohgNPQFBMSx8m6DvRNX0_QAJQWpH87l-rZ5GNhHeAqkR-hIWlcX8EWfwiF8Rf2wiQXGyUCsBH3AlT7XxCmIre_a7j5U1LIiIhohWdpoXxpDuY0rqf3Bb64_5UVWJHypxKN9D-XE68i5nguLK0Vx57ZgkTai6OwPiR2NfWBYOT6oPLNKEzPiTFY11_UhCC0wn_pklEwQ9CoYAatDV6Gm-GEwVCJxrYlK6UuVskf9a0DZSbEzbuVWBDpxvGZ1YLxoUkOYWQ9FdbvXtRQ0ZG-c7s7_YkRgguUlP6xRT4F3vUzEIzbvYEAzTW7IhuD-JerGNrP91je26qeWmG-1MXUXMrrLHJCPdQxsLW6O-rdVgR-YBvmTs4DRMOdRiJkFI7zSPB9UveQsEPDPqu8in5RZFpGmN4FXrdF3RtVPXEM6G9l6Q5BYMDu4XZQVIGAOeF1T_YJ3VF-95iLKgk8Nx2inebtJNunOuv7JB_qnfLHULqc3YA9Z26YizKbri8JnwbepBTDuaae0WGTrFA-YS6SZiPSS6R6IeeBK0tL0r_xAKDsnnkSda9ukkUCyGZWdVKEU6JCsWqYamMPyvvu44IvXxU6_TwoAucA4oWqzCDWRNcWJg0QNpo8sgRga8d1y-b7Hrc2yl4wrHM44TEJIovC8pfUKf8b3avXrG6SBhBQHVHGZPLVDFhGK77mB9IxnF6V1Xji9oyH3e&cid=CAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw&rfl=2%2Chttps%253A%252F%252Fwww.malaysianow.com%252F%240
Frame ID: 5BF6903164C87A196981809DBEC375FF
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A2AF032AA243EFF8BC6E4C0E4A5FC134
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 61FAA9EE8486EAA34B1E718F27798E34
Requests: 12 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95831900010493800757617011871001&actionid=981741&produktid=&dt_url=
Frame ID: EF51F7E32A091A4905B4DA1714A0AFBF
Requests: 1 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=95831900010493800757617011871001&a=9a6b64aa
Frame ID: A45EA6D70DF11EF8ADA3F8147FD16192
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: DA6B6985EB3DD207590CBE24266A3DB1
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 57ADC6352A272BA22E0FAB4FDFE59010
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 0689EE051AB6F276EEA028023561D9E9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: CEF5AD6F7FEFAAE11633D25B78B49D7E
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022202072236000/amp4ads-v0.mjs
Frame ID: D3CB9BAD3154E2D7B179646621F30815
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 2F17BDCD0CDD09E69A951956B4063C79
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Businessman’s Bangsar offices raided in major money laundering, tax evasion probe | MalaysiaNow

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

180
Requests

94 %
HTTPS

64 %
IPv6

19
Domains

29
Subdomains

25
IPs

6
Countries

2463 kB
Transfer

7127 kB
Size

31
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MNowNews/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/MNowNews/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malaysianow/

Search URL Search Domain Scan URL

URL: https://t.me/malaysianow

Search URL Search Domain Scan URL

URL: https://twitter.com/MNowNews/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC315KbRo_fiQ9fbaVUhEK0Q

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Businessman%E2%80%99s+Bangsar+offices+raided+in+major+money+laundering%2C+tax+evasion+probe&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&via=MNowNews
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Businessman%E2%80%99s+Bangsar+offices+raided+in+major+money+laundering%2C+tax+evasion+probe%20%0A%0A%20https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/&text=Businessman%E2%80%99s+Bangsar+offices+raided+in+major+money+laundering%2C+tax+evasion+probe
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/&title=Businessman%E2%80%99s+Bangsar+offices+raided+in+major+money+laundering%2C+tax+evasion+probe
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://media.malaysianow.com/wp-content/uploads/2021/11/28235024/vinodsekhar_facebook.jpg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1

Request Chain 80

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgsfjBB3AU7B98BZnOHvZAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAuLERq2lWs4Kawqtp5bXyg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAuLERq2lWs4Kawqtp5bXyg%26google_cver%3D1

Request Chain 82

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU1OTg0MTgyODI4NTM5ODkzNA%3D%3D

Request Chain 87

https://hal90001.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6jWNjB8LYrGtFa7D7_UPzt6syAvdreioYM_qz-SfCvAuEAEgy_iRfmCVgoCAsAfIAQmpAt1xwpoW-LI-qAMBqgSVAk_Q4rObItuV4tjsMtud3SFCcQ3um6XZz0NCtHZwDw59IjccyOfk711mgGmQSb7tX7ui2PlkVHvEDT8WXIZ_MkUTwRm9Lhu5qiUjG6f806Z-4-1GRxWGnv_4RzoKrviwYjCRilz2NvilwG-g8NGiBLpPONoaHe03s-geZh6nLcAJ1BuyX_lhg7Ln2MiCVVUIG7P4HtK0IclWS2T-nOsh4cDrFnxFMtFDRAWn3NWhH0tLxhgVOiH25PPewKUTamYWqKdzkS64vyx7WyhWKnthGb2gy9EfEBysVLCv85HABzejOD8bQ4PVef3HxTXzTlwNvEWYoTQdYtsPTqElbrD6xLQDZBdNRYDN4XA9lJpmqheinINV3DvABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw%26sig%3DAOD64_0RMMIJI2UgrRq5pomzbUJHt5onLg%26client%3Dca-pub-3590853924723071%26dbm_c%3DAKAmf-CQjYX1Q2s7L3UMotv0dWys5xk9DkLOvk5uJeiG9sB7ZZC7jm1RVoVSNO4jz2X1XX2kRXahUhdEE0z3zuFE2OirP3S-0vRMEdZK1I9TRlHBep-KQDw5_jcL2J2kD6e7exXZOkNfvPtzbK7vZaqiCmwCBAZb0g%26cry%3D1%26dbm_d%3DAKAmf-A6079PQxFxkTORJjAYciPoWll32BzUSBRXJ5iH7rNd8B6RAcLUIT_aE5GgpSJKzYGOND7IjqR1ioelNMHS6NfcbBs2dJmIKrU7LPjOSVrX8_mdu_edKfUaR9EiKyzyDEJO4JDz_xq_SpLrsDqfvbRbyq5ab6pUXu1_px7j70f-DuYr8iKD8TZMzKVwsTCdhotovkguy5tSBF66fpez5bTSWaI7bDw4UTtVGubYsLAE3cvxOiNrfzDmdD5I1OBIO4SawuXmEH7boAIw5MP942quWUEStCaif2OjFOFMTVu-usaGaGWavRT8dwKjXIuKh4nQi_mDtijiPeTPWBvYahpbn6YF94dsJJRl8vG3jOrj0jw3AqGeXC7Kx5kUfrp6r8mbacCMrTKGPVCaD5SFbEiid1Q2u1VFZ9ZrpmSe5U9PyvpCUMGRDTQ5pkP149-AwcVZ1vPHcZKbv0fwnf2FpkWtXsNTNp2menIOfLvC-TGSdaOJEJOcy9mxfjdvsoR5rt611n_yhHhKrGizH-5z0DOmoj02kJq_7rlzYMzyJaZGZVsCMhCtDJlEU2BWxUyqgFpV6rmU%26adurl%3D&documentReferer=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.malaysianow.com&random=244856580860&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6jWNjB8LYrGtFa7D7_UPzt6syAvdreioYM_qz-SfCvAuEAEgy_iRfmCVgoCAsAfIAQmpAt1xwpoW-LI-qAMBqgSVAk_Q4rObItuV4tjsMtud3SFCcQ3um6XZz0NCtHZwDw59IjccyOfk711mgGmQSb7tX7ui2PlkVHvEDT8WXIZ_MkUTwRm9Lhu5qiUjG6f806Z-4-1GRxWGnv_4RzoKrviwYjCRilz2NvilwG-g8NGiBLpPONoaHe03s-geZh6nLcAJ1BuyX_lhg7Ln2MiCVVUIG7P4HtK0IclWS2T-nOsh4cDrFnxFMtFDRAWn3NWhH0tLxhgVOiH25PPewKUTamYWqKdzkS64vyx7WyhWKnthGb2gy9EfEBysVLCv85HABzejOD8bQ4PVef3HxTXzTlwNvEWYoTQdYtsPTqElbrD6xLQDZBdNRYDN4XA9lJpmqheinINV3DvABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw%26sig%3DAOD64_0RMMIJI2UgrRq5pomzbUJHt5onLg%26client%3Dca-pub-3590853924723071%26dbm_c%3DAKAmf-CQjYX1Q2s7L3UMotv0dWys5xk9DkLOvk5uJeiG9sB7ZZC7jm1RVoVSNO4jz2X1XX2kRXahUhdEE0z3zuFE2OirP3S-0vRMEdZK1I9TRlHBep-KQDw5_jcL2J2kD6e7exXZOkNfvPtzbK7vZaqiCmwCBAZb0g%26cry%3D1%26dbm_d%3DAKAmf-A6079PQxFxkTORJjAYciPoWll32BzUSBRXJ5iH7rNd8B6RAcLUIT_aE5GgpSJKzYGOND7IjqR1ioelNMHS6NfcbBs2dJmIKrU7LPjOSVrX8_mdu_edKfUaR9EiKyzyDEJO4JDz_xq_SpLrsDqfvbRbyq5ab6pUXu1_px7j70f-DuYr8iKD8TZMzKVwsTCdhotovkguy5tSBF66fpez5bTSWaI7bDw4UTtVGubYsLAE3cvxOiNrfzDmdD5I1OBIO4SawuXmEH7boAIw5MP942quWUEStCaif2OjFOFMTVu-usaGaGWavRT8dwKjXIuKh4nQi_mDtijiPeTPWBvYahpbn6YF94dsJJRl8vG3jOrj0jw3AqGeXC7Kx5kUfrp6r8mbacCMrTKGPVCaD5SFbEiid1Q2u1VFZ9ZrpmSe5U9PyvpCUMGRDTQ5pkP149-AwcVZ1vPHcZKbv0fwnf2FpkWtXsNTNp2menIOfLvC-TGSdaOJEJOcy9mxfjdvsoR5rt611n_yhHhKrGizH-5z0DOmoj02kJq_7rlzYMzyJaZGZVsCMhCtDJlEU2BWxUyqgFpV6rmU%26adurl%3D&documentReferer=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.malaysianow.com&random=244856580860&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 103

https://pv.medialead.de/trck/epv/e99aace94e6e58739e35f36ecdaea4b4?subid=95831900010493800757617011871001&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95831900010493800757617011871001&actionid=981741&produktid=&dt_url=

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://pv.medialead.de/trck/eview/e99aace94e6e58739e35f36ecdaea4b4?subid=95831900010493800757617011871001 HTTP 302
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_320x50.gif

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

180 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/ 342 KB
42 KB 53ms
23ms Document
text/html 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: 7f35fcccc4ed146643e90823d919bd70569dfb9ab8058573ed74063cedb8d5a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33
link: <https://www.malaysianow.com/wp-json/>; rel="https://api.w.org/" <https://www.malaysianow.com/wp-json/wp/v2/posts/77476>; rel="alternate"; type="application/json" <https://www.malaysianow.com/?p=77476>; rel=shortlink
cf-cache-status: HIT
age: 3221
last-modified: Tue, 15 Feb 2022 02:41:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ddb7cc35a3991e9-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
www.malaysianow.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 24ms
22ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 1785344
etag: W/"604788b4-d293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aaa791e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 24 Feb 2022 11:39:54 GMT

GET
H2 200 style.css
www.malaysianow.com/wp-content/plugins/td-newsletter/ 6 KB
2 KB 22ms
21ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-newsletter/style.css?ver=10.3.9.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1325dc2b48fea85fffd3aaa71e2d5724a52f374b37d82dd03c410d81f61042

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1785344
cf-polished: origSize=6504
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-1968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aaab91e9-FRA
expires: Thu, 24 Feb 2022 11:39:54 GMT

GET
H2 200 style.css
www.malaysianow.com/wp-content/plugins/td-composer/td-multi-purpose/ 67 KB
9 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1785344
cf-polished: origSize=69458
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-10f52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aaac91e9-FRA
expires: Thu, 24 Feb 2022 11:39:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CSource+Sans+Pro%3A400%2C700%2C600%7CGelasio%3A500&display=swap&ver=10.3.9.1

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40c3b592316e78b5555174382ecf5c0e3d35194fe903b49456bb17be3c642a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 03:35:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 03:35:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 03:35:38 GMT

GET
H2 200 font-awesome.css
www.malaysianow.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 34 KB
7 KB 28ms
28ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 430eb07dfa4aa941ac583048830d1ef450b9fccf2111bb751e057668a5d375e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1787229
cf-polished: origSize=43809
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-ab21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aaad91e9-FRA
expires: Thu, 24 Feb 2022 11:08:29 GMT

GET
H2 200 style.css
www.malaysianow.com/wp-content/themes/Newspaper/ 110 KB
20 KB 29ms
28ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea234be37abb1b803a59de89393fa78be54e35744ec7880017b6d41b39e15e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1785344
cf-polished: origSize=156101
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-261c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aaae91e9-FRA
expires: Thu, 24 Feb 2022 11:39:54 GMT

GET
H2 200 td_legacy_main.css
www.malaysianow.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 198 KB
30 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1785344
cf-polished: origSize=249828
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-3cfe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aaaf91e9-FRA
expires: Thu, 24 Feb 2022 11:39:54 GMT

GET
H2 200 td_standard_pack_main.css
www.malaysianow.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 494 KB
42 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1785344
cf-polished: origSize=635683
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-9b323"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aab091e9-FRA
expires: Thu, 24 Feb 2022 11:39:54 GMT

GET
H2 200 tdb_less_front.css
www.malaysianow.com/wp-content/plugins/td-cloud-library/assets/css/ 85 KB
13 KB 21ms
21ms Stylesheet
text/css 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1785344
cf-polished: origSize=108923
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-1a97b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc3aab191e9-FRA
expires: Thu, 24 Feb 2022 11:39:54 GMT

GET
H2 200 logo-s-d.png
media.malaysianow.com/wp-content/uploads/2020/08/27211132/ 5 KB
6 KB 33ms
23ms Image
image/png 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2020/08/27211132/logo-s-d.png
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd12873ac9f51066962f44adfaff78de100d40e48364d0269dd46e0dfe852fc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
cf-cache-status: HIT
age: 8095
cf-polished: origSize=7017
cf-ray: 6ddb7cc3bacd91e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5448
x-amz-id-2: e02e8/X/Tm37YL05336zbF+bfDGENu2AWJbn2AyBuPV6ZczasnfBF0575JUq8vtaqKrWiAfw+2Y=
last-modified: Thu, 27 Aug 2020 13:11:33 GMT
server: cloudflare
etag: "7f697c0cf9f829aa8f0885877aaeec53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 0SG2MB4E9M8HVZJ8
expires: Fri, 27 Aug 2021 13:11:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/png
cf-bgj: imgq:85,h2pri

GET
H2 200 vinodsekhar_facebook.jpg
media.malaysianow.com/wp-content/uploads/2021/11/28235024/ 72 KB
73 KB 1198ms
1193ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2021/11/28235024/vinodsekhar_facebook.jpg
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2fd36321c9cf7e4ac0275269a7ba52f6c2683a307da09b94a4bac026ede3919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
cf-cache-status: MISS
x-amz-request-id: FD55JAC289KJC8WD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74009
x-amz-id-2: BysBrH5AGW2oYDA9Z0KK+SB5bgweBrGW++qf+04R1KGk4VnlIYyXzeeeMcnevlv6i5Cvfu3wv6E=
last-modified: Sun, 28 Nov 2021 15:50:26 GMT
server: cloudflare
etag: "6c9a8910685df5d3d08f93a0d09c019c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ddb7cc3bace91e9-FRA
expires: Mon, 28 Nov 2022 15:50:24 GMT

GET
H2 200 rocket-loader.min.js Show response
www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:14:10 GMT
server: cloudflare
etag: W/"6206c392-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6ddb7cc3bacb91e9-FRA
vary: Accept-Encoding
expires: Thu, 17 Feb 2022 03:35:38 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 59ms
41ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.malaysianow.com/
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ddb7cc3d88b9153-FRA

GET
H3 200 init.js Show response
www.malaysianow.com/notify/ 4 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/notify/init.js?v=1.0.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faaaef5cc552bedab501907ee4bf801c516a92eecfe9c1ec3aa2f6ff4f430406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 1783553
cf-polished: origSize=5800
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-16a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c3e9273-FRA
expires: Thu, 24 Feb 2022 12:09:45 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 09:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 09:09:57 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 04:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 11 Feb 2023 04:41:41 GMT

GET
H3 200 wp-embed.min.js Show response
www.malaysianow.com/wp-includes/js/ 1 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 448336
etag: W/"604788b4-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c419273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 11 Mar 2022 23:03:22 GMT

GET
H3 200 js_files_for_front.min.js Show response
www.malaysianow.com/wp-content/plugins/td-cloud-library/assets/js/ 33 KB
8 KB 27ms
25ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 448336
etag: W/"604788b4-8387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c439273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 11 Mar 2022 23:03:22 GMT

GET
H3 200 comment-reply.min.js Show response
www.malaysianow.com/wp-includes/js/ 3 KB
2 KB 25ms
23ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-includes/js/comment-reply.min.js?ver=5.5.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 448336
etag: W/"604788b4-b2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c449273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 11 Mar 2022 23:03:22 GMT

GET
H3 200 tagdiv_theme.min.js Show response
www.malaysianow.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 253 KB
59 KB 39ms
37ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 1783553
etag: W/"604788b4-3f512"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c469273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 24 Feb 2022 12:09:45 GMT

GET
H3 200 js_posts_autoload.min.js Show response
www.malaysianow.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 47ms
45ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 1783553
etag: W/"604788b4-13fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c479273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 24 Feb 2022 12:09:45 GMT

GET
H3 200 underscore.min.js Show response
www.malaysianow.com/wp-includes/js/ 16 KB
6 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 1783553
etag: W/"604788b4-3f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c489273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 24 Feb 2022 12:09:45 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 47ms
21ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

5ac903cf375e85f77ade37ce4b7681564e93d4825dcab75b58317665134a539a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27167
x-xss-protection: 0
server: sffe
etag: "1132 / 631 of 1000 / last-modified: 1644879984"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Feb 2022 03:35:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 75ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fff9ad0c7475bc21194cef8745ed73b1deb929c412e60510763a2ce7c47e4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53640
x-xss-protection: 0
server: cafe
etag: 18275676593269863369
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:35:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 71ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175322716-1

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b09298879c552326691dee50f55de36b7b7d8904c48f44252cc0706ef49cde97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36078
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 03:35:38 GMT

GET
H3 200 jquery.js Show response
www.malaysianow.com/wp-includes/js/jquery/ 95 KB
34 KB 30ms
29ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 29991
cf-polished: origSize=96873
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
etag: W/"604788b4-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7cc40c499273-FRA
expires: Wed, 16 Mar 2022 19:15:47 GMT

GET
H3 200 placeholder-2.png
media.malaysianow.com/wp-content/uploads/2020/08/27145941/ 19 KB
19 KB 65ms
63ms Image
image/png 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2020/08/27145941/placeholder-2.png
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad6a1901c9b10af1f6fc584663c580ee927b947a1c48f596a6d554b460ce38be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
cf-cache-status: HIT
age: 193359
cf-polished: origSize=21009
cf-ray: 6ddb7cc42c7e9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19336
x-amz-id-2: j6uPNZzWwinx0iIJuGifiTwwRV6m8q0FOl34O0hj3ke+1k9kCclRDmhGu5CotEeHHgInvvmbtes=
last-modified: Thu, 27 Aug 2020 06:59:42 GMT
server: cloudflare
etag: "8878a49978101bf96f5a345e522c6d5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: W2Y1G6KS21BJFHTY
expires: Fri, 27 Aug 2021 06:59:41 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/png
cf-bgj: imgq:85,h2pri

GET
H3 200 newspaper.woff
www.malaysianow.com/wp-content/themes/Newspaper/images/icons/ 123 KB
123 KB 21ms
19ms Font
font/woff 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

Referer: https://www.malaysianow.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 1781146
etag: "604788b4-1eab4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
accept-ranges: bytes
cf-ray: 6ddb7cc43c9a9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125620

GET
H3 200 fontawesome-webfont.woff2
www.malaysianow.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 42ms
40ms Font
font/woff2 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.malaysianow.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:38 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 1781146
etag: "604788b4-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
cf-ray: 6ddb7cc43c9c9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 64ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CSource+Sans+Pro%3A400%2C700%2C600%7CGelasio%3A500&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 490381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 11:22:37 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 67ms
29ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:17:49 GMT
x-content-type-options: nosniff
age: 544669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 20:17:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 45ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 530464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 00:14:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 511340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 05:33:18 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 549349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:59:49 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.malaysianow.com/wp-includes/js/ 14 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malaysianow.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 14:39:48 GMT
server: cloudflare
age: 1783555
etag: W/"604788b4-37a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 6ddb7ccb4ce29273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 24 Feb 2022 12:09:45 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 289 KB
104 KB 54ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3590853924723071&plah=www.malaysianow.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d05bf9988fd0a6f13f729125be669d13334bff8add33b07256a23560b339096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106378
x-xss-protection: 0
server: cafe
etag: 8611684181560300902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:35:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220210/r20190131/ Frame F3D4 13 KB
6 KB 49ms
12ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220210/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cfdef7cd1a0fab390d940b7b61ea3afc340838418bb94d460fe451d654331ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5933
x-xss-protection: 0
date: Mon, 14 Feb 2022 15:36:44 GMT
expires: Mon, 28 Feb 2022 15:36:44 GMT
cache-control: public, max-age=1209600
age: 43136
etag: 17376176057921392695
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022020901.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 21ms
6ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 22:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122359
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 09:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Feb 2023 22:57:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 78 B
104 B 34ms
20ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.malaysianow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

43910ccaf2394239b9ee9bfd8f2cd748d2ab585e170970521ca589ebe9ad8642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Tue, 15 Feb 2022 03:35:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175322716-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 46
date: Tue, 15 Feb 2022 03:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Feb 2022 05:34:54 GMT

GET
H3 200 FW1218953_PTJ14_11012022_MACC-lpr-1024x682-1-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/15080858/ 7 KB
7 KB 594ms
594ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/15080858/FW1218953_PTJ14_11012022_MACC-lpr-1024x682-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718c81b4e19e36f6028563dd94bcec3e400680d19e439a22687c753eab9ea84e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
cf-cache-status: MISS
x-amz-request-id: VVABFRKKGA22G1C4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7140
x-amz-id-2: cn5oRmWREwtzna0Ds9Ud+bHqKej+eb7RjkbFZWiwPVQ/m+DEx+pmJ5MF9ZIqAeYFXl+S6NvAXbU=
last-modified: Tue, 15 Feb 2022 00:09:00 GMT
server: cloudflare
etag: "bb0b91228562ad54f651c8b05ef7f43d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ddb7ccc3dc69273-FRA
expires: Wed, 15 Feb 2023 00:08:59 GMT

POST
H3 200 rum Show response
www.malaysianow.com/cdn-cgi/ 0
169 B 18ms
17ms XHR
text/plain 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malaysianow.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/json

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.malaysianow.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ddb7ccc5de59273-FRA
vary: Origin

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=334635711&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&ul=en-us&de=UTF-8&dt=Businessman%E2%80%99s%20Bangsar%20offices%20raided%20in%20major%20money%20laundering%2C%20tax%20evasion%20probe%20%7C%20MalaysiaNow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1937483982&gjid=1232780627&cid=1163831766.1644896140&tid=UA-175322716-1&_gid=151651728.1644896140&_r=1&gtm=2ou290&z=1625610868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malaysianow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malaysianow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
418 B 16ms
15ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.malaysianow.com&callback=_gfp_s_&client=ca-pub-3590853924723071

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3590853924723071&plah=www.malaysianow.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f94753653b2648769fbb0aeea4ccd0060de8cd7ce35c6e1c3acffde08f6f67d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.malaysianow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.malaysianow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 18BD 0
19 B 115ms
85ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3590853924723071&output=html&adk=1812271804&adf=3025194257&lmt=1644892917&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644896140067&bpp=19&bdt=1264&idt=170&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4737996033974&frm=20&pv=2&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062423&oid=2&pvsid=3316557274000083&pem=334&tmod=436060942&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=188

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 03:35:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 03:35:40 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 34ms
19ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220210&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea5f36ff6be97f36ef9bf9b5854cf7a27354bc342f5bdf5a291579f743c2c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 226ms
225ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_Mobile_Main_Leaderboard_320x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C300x100%7C320x50&cookie_enabled=1&bc=31&abxe=1&dt=1644896140297&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3305665206&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c976213f54869765675619d355c73a787b39ba24d51bc8b44a34663150edf544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9482
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 2923ms
2922ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_Main_Billboard_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&cookie_enabled=1&bc=31&abxe=1&dt=1644896140302&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=15&adks=890449846&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=970x15&msz=970x0&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

312b07f5f961b4444ae4fe543aad3a174511d18d38b0cca99136f90261189e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12102
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
13 KB 871ms
870ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_Main_Billboard_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&cookie_enabled=1&bc=31&abxe=1&dt=1644896140303&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1257182537&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=970x15&msz=0x0&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4cff8af8e6ef9e8bc8cbfab9552ae2cfdf35170ddcf2f4be9ce18e6da29270ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13454
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 2611ms
2610ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_Main_Billboard_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&dt=1644896140306&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3210932242&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=728x120&msz=0x-1&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

82d0b41df1c9a1918fcbdd76952bbf7020a833a496578bbb1e5926aa69473063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12480
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 594ms
593ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_InArticle_LSidebar_1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1644896140309&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=100&adys=1469&adks=1746935518&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=333x0&msz=333x0&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2e0cecf156c6025f1884bb058819ffad1ece045cc556768551e1ecd1f1c0ccab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11022
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 1760ms
1759ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_InArticle_Rect_1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1644896140311&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=463&adys=1790&adks=3139513981&ucis=6&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=696x0&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b307fcf0455d2a42f60960f8644ef2ce1f5cbc010fa05ea22fcbab1334760fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11024
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 3409ms
3407ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_InArticle_Rect_2_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1644896140315&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=463&adys=2689&adks=2805947234&ucis=7&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=696x0&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9f35ab78eff2bc7606c848119a87bf1c25d903d15b9af755d8a7ceb322f23d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10866
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 2181ms
2180ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316557274000083&correlator=496531606444310&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=22118255942%2CMNow_InArticle_RSidebar_1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1644896140317&lmt=1644892917&dlt=1644896138803&idt=1464&frm=20&biw=1600&bih=1200&oid=2&adxs=1190&adys=325&adks=1499013526&ucis=8&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.malaysianow.com%2Fnews%2F2021%2F11%2F29%2Fbusinessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe%2F&vis=1&scr_x=0&scr_y=0&psz=310x0&msz=310x0&ga_vid=1163831766.1644896140&ga_sid=1644896140&ga_hid=334635711&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9b3f4a140e60708e55c7f6afbe1ba517f9e39cdf2bc0969a6c319b70f904c0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11019
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.malaysianow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0FA2 6 KB
4 KB 86ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 15 Feb 2022 03:35:40 GMT
expires: Wed, 15 Feb 2023 03:35:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 PSX_20220211_113408-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/14231635/ 11 KB
11 KB 630ms
630ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/14231635/PSX_20220211_113408-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114c84d26d37dc6859199d2c04cdcfdddf1d723c73e3bc36211caecfba352b8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
cf-cache-status: MISS
x-amz-request-id: VVAA118EH3JD79SB
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10777
x-amz-id-2: q5xOTFS3ugiETewdd/9qmpqAQH4A44Ko2kzyzfZvy6xMAjmM3uarMVOrbxn0M7HLPPQzw4C+Ydk=
last-modified: Mon, 14 Feb 2022 15:16:37 GMT
server: cloudflare
etag: "c0c8ead5a39103a9171c3d23b681894b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ddb7ccd2eac9273-FRA
expires: Tue, 14 Feb 2023 15:16:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-175322716-1&cid=1163831766.1644896140&jid=1937483982&gjid=1232780627&_gid=151651728.1644896140&_u=YEBAAUAAAAAAAC~&z=49548146

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malaysianow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Feb 2022 03:35:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.malaysianow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 66ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 03:35:40 GMT

GET
H3 200 tony_kamaruddin_airasia_instapic-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/14101126/ 8 KB
8 KB 621ms
621ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/14101126/tony_kamaruddin_airasia_instapic-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91855b507681266c83e1671a60d2ca397c16682eeeff613ec51e59ab8526b5ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
cf-cache-status: MISS
x-amz-request-id: VVA0RFE7MDEGCJHD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8227
x-amz-id-2: F9qwr8gfErJFCUmPAF0xI7KL0CxtoNFUF5v2ZBSMhkhafhuakPAGMt2CTFV4pQ0lGYrDawiBNoA=
last-modified: Mon, 14 Feb 2022 02:11:28 GMT
server: cloudflare
etag: "6dab2d6d30872be761ad2d8778ea73c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ddb7ccd4ed39273-FRA
expires: Tue, 14 Feb 2023 02:11:27 GMT

GET
H3 200 Sarawak_Poverty4_Mnow_220121-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/13231751/ 10 KB
10 KB 583ms
582ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/13231751/Sarawak_Poverty4_Mnow_220121-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57c5fe6ed06f7bcc17fda1afc2a15dfe2959e696e9049764b00098a20633a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
cf-cache-status: MISS
x-amz-request-id: VVACQEQ2ATXBYDF4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9733
x-amz-id-2: l+nwUmX6OW8QFN+19Mdcazpxafx4LLEdKG2McTrSSFQkLDLzsiIunVkopTbm5KLR2UCfOl6W1No=
last-modified: Sun, 13 Feb 2022 15:17:53 GMT
server: cloudflare
etag: "d5c23ceb9b1c3815dd5bc49497086a24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ddb7ccd7f049273-FRA
expires: Mon, 13 Feb 2023 15:17:52 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 42ms
18ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-175322716-1&cid=1163831766.1644896140&jid=1937483982&_u=YEBAAUAAAAAAAC~&z=1934380913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 43ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-175322716-1&cid=1163831766.1644896140&jid=1937483982&_u=YEBAAUAAAAAAAC~&z=1934380913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 668A 13 KB
5 KB 49ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Feb 2022 23:31:01 GMT
expires: Tue, 14 Feb 2023 23:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 14679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 947A 783 B
1 KB 22ms
17ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

941a8838a800adaf292e44a67962c9ab7094a0b6c7a70c264daef0ca36e5ba3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F0rI9lGHkhv8CJeXfmMeIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Feb 2022 03:35:40 GMT
date: Tue, 15 Feb 2022 03:35:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-F0rI9lGHkhv8CJeXfmMeIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Gedong03_Mnow_121221-1024x682-1-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/13192246/ 6 KB
7 KB 580ms
580ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/13192246/Gedong03_Mnow_121221-1024x682-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5f9b65a3ff7723227a49ac548c75ff0e828cf8af10cdcb2013668614947cb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: MISS
x-amz-request-id: VVA573TWE181G8NN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6418
x-amz-id-2: gWD7g7hMTyJJdgKmrEMjNawvj+BPrHx/nxWvL5UefBxwDrKMNpX/coC6k2RO4F6+lLX2ZA7EwJY=
last-modified: Sun, 13 Feb 2022 11:22:48 GMT
server: cloudflare
etag: "a255fd0b0706bb188a22ec51f2e3c4da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ddb7ccdbf529273-FRA
expires: Mon, 13 Feb 2023 11:22:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 947A 0
0 32ms
32ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220210&jk=3316557274000083&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 QXXtNV2_rimJ59THO8yAvlzUBzNnyKLIOF0f-vbqXN4.js Show response
pagead2.googlesyndication.com/bg/ Frame 668A 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QXXtNV2_rimJ59THO8yAvlzUBzNnyKLIOF0f-vbqXN4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4175ed355dbfae2989e7d4c73bcc80be5cd4073367c8a2c8385d1ffaf6ea5cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 20:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13571
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 20:30:04 GMT

GET
H3 200 container.html Show response
fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5CFC 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 03:35:40 GMT
expires: Wed, 15 Feb 2023 03:35:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 668A 0
9 B 18ms
18ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fzhlcw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D16D 624 B
300 B 18ms
18ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNXknYPucZSlI9L5RTYkql5aMY-6mpbgBK118HxN1xb0KHuIOeKyt-WJDwqvoK3r5FohV44xsbww_Z5dOrMBYfpX_2rxxzAxs150GqQy2GVJQMp0R0zKBSKbOWZCULRHFlbGYYdSExFy9xI2LhamqNdQ25wrz70PZH_ufVL54ZSk7SNmpKk

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 15 Feb 2022 03:35:40 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 03:35:40 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5BF6 26 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag3IFvOLXGghTpHWQzmGppOH5hOmILKfpO2Imb5tTexT1578vCJ9bDrJoo0HZOzQ2KpaC8flBHYhhe2fIvTVpmOOiMYZVwJH1n8GZjj6B9EXEnSALqp_rKapBnAJzQEcBfv5NLZG5MXm20SRRtpFvaTn9akw&cry=1&dbm_d=AKAmf-CAKhiEA5EExpvLo5mPkoWEP8KbHM1eLGDsGPQZKsWOHBNdrJF9dSjaYKi1ItD8wdrhfeeDsMb1utufP71HLRUKd_O5EzHGW57wMyTa3DvxhZx8oolhrb3ZUirqSGDBOuv04yWZYimFi3jmHbpz9DMV0LRR-MX5h8SmoM_QtTe4KdmbtXw0q69XG-i3PAKMW1V84B8UwvTFCcFh04fEkECp7mlIR_aemtoiEDuq4eDQ5voUbPrl_Yu_z-3sBhlDpajAazeTt9VkYFwrhOkcslMihPkA4pS7MFKFIYNDMadRXfIVC5Of7SKwVSLehZtcwIYaS_c-wtqLJtriN1oyio40i7NjKLgZ1oUly2pqYmHZgkhSDPZ9NKbRENG3vu__g8uDS1KuJN2X7-tt8hDVmT5Oq8okGF_dN4c7JtD4OUUfTVPui5FhalFcEBCnDOrn2TTwYmYBP03EOWrHRAUAW99SruJTq1Q-a2oh5GwzFRKtyaUW8hTSKf1BZWqOJ6V9pPrPS9wPu5lRQs1aJo74Tca6h6OpC3DFnZm99BqcXsaG2W-K1DJmgwqrcRwCCXoTwrhasKkSMhIFVeWlQ9OTzRhQ11Txrxos8ytnmzOA2a-tGUSTyZI6EMi9z6jMd2P_O1PnkrvI4UNWuD4o7H1EdAEzvRE8oOm_S3uRBc_lboojm0YZSkKJMUMiYw82oFjJiQadgW868lAanG7EKrrpQGgs-vsWtDQUJkh9Urq3G8l_yf0gzJMJzGVI0Q_jmCkxvIrIvlDdlRLIiqFaxmdrxSU04u4yBBrumfdiy8M1Nws92bWlQqhiAYjn8P_2BLaYbk2WnBf62FKgZ6pq0hjgIsk_v4O7toxxPNbxJiuicqnDg29MMMloY-v5VtSYad-5CEdmGP7qxaax-7Wk5MAJlNXR3qAx6NW8PIWvkQ3gPsqB2BRMl2wAftLNcTCiTDCRtehCYXbLqA77VM65AFOBmUiNlI3DxzbqjYPvexrXxnlPVKLc3nZEFDZzLcuL7XHhUky2Ja9FXv1B_O0IVa3EJHTCjvgwgGx-uudPM0-0-wsDcBu-HewbDNG2q_wSxbe9Ip2ae-3WPgfQjtd5MWvoBARwZKUM8N5XznKbg9Uf4Rd2BN00jgXUPhMO2Y-1rl_XoS9uTsNnLXamqqLMTv8TL5ro0gp2Xq_-lFxsDiZR02sH0foPV_1YB8x16sRslkAc1YoIXw3w06D861U8y3PHTdjB0xlzrt95-gSncd66nf24XeAMvkFSiqnBDrOwzeVVje0uTkOC3aLwMnOK-8yUjmKLiGmqXzQT-8f7v1530Ox3ubG-9XQ-smSK8bj5q6plh6V2mn1-j8CrvjKyxtgbmH2ruJ1kiuZ6NXhllht4fAIuctAAFlPKe7lwbcT2LbngoszHL7lRFqRHXr--sX09xR5WX7OL-iSGrvf-ppjYk_zleTVrY7TV897JoHWnZgk0KLEQHAK8F___8RSZcIcNdkBE4ONatjOTpygXWvsSnSdL9PrweaDFI5UVbKt1OznRE3EJ8bMWljg3Qf59i4JFkTs9BwD8wxXy_Rjq-YgTsf7YmZLaeJ3ZlrvrWCpoNn-yU0FdqjtDDOKv-6eeXzCT2Et2VH-09RnDhzrNQomzuQQeztqIQFNliTWzwyDzbN1538E15RW4fu3mXrFKF_97zpo-MkbWuWZrJW8pe6SsYWTmh4w-r7zl5XbA1Rl2Xqxuvb0wNa7gyozkbaDjQH1pZvH2-l2BZ3Va9q9PyPqQo_hM6BB87Av-Jcdo2Aehj2EwNfHo95DdFfWwqnQ7a8-iKFt6FPgOO8NiYoILZR4PQ_jHEeDuH9Bg6Yd48iZXwIqVzO05DI3LsD9X3nzjS8Z1-wzI8Ezin7BN4eouk_y2XuskxLr4YFdzhsPNXkwegquhR8-FXHgxXOqcVFJxFyiqvhGn15EwfJoABbFyoVVLRU-HZH9-LEUwPU24ZTrdA-ufgBj1pEtps5xTx5Iyd8vw1PtAb6ii0cAju8axc1EymIxCoeIgPItc9fnQ5HgIw3Pi1jFkRTztxBQ9X7EcGH7n7xYVMkutwAu7kMtQDL2ncxh_-f3upHKxbzlklt5q3kJVNZ5UpicAf-xvMTGN84qGOL_7xKEFTAX-zH031wOTaIB2DsKuygYWKwLQQyQKJ0URstRY_VIBDAPiLXW9zX8Xv0fwperF0ZS5wBy89MYPE0hfTPlF71SAn1Rjx4rDR6eLxwyhk6G_pAHiJ6UYdOmd02BImCtPTV123X9iJILkcvk3tjA129RG-w3mC06YAWJc910__WjV0A5w1tHlxvZdd7rOocb58wj75u7Vi00Req-U7enmkNfssJWQkvST3SB20WPxiYzU_PA1HGNuLnv59WuowebSMMts0SmsOy3cLtOt3Bex7llwSmNA0jFGJYY7q-CiGRN51ZhOUYYllHRkEYiYk8cCelyu3KDhWCWfnpHQU49O4vJNO9jHjbPZSYYjEZ6NYc86GlNMaWCJyKp9FI270AUmhwKdN6r_Im3PXhw7bmTQe93fkxgQxEBMMqmFEmd2DEw9iSGAA6phFVAC2I5PFyv41wKdS6MQk3cVY9-qkdfq5Sqz1AaYxcUEnXq0KXQnWketKQ739ddiGJqfXEnbWB2GauEGs1NrNfRrTyNvI6qB_pk0Df8SaCbtZ-JJohgNPQFBMSx8m6DvRNX0_QAJQWpH87l-rZ5GNhHeAqkR-hIWlcX8EWfwiF8Rf2wiQXGyUCsBH3AlT7XxCmIre_a7j5U1LIiIhohWdpoXxpDuY0rqf3Bb64_5UVWJHypxKN9D-XE68i5nguLK0Vx57ZgkTai6OwPiR2NfWBYOT6oPLNKEzPiTFY11_UhCC0wn_pklEwQ9CoYAatDV6Gm-GEwVCJxrYlK6UuVskf9a0DZSbEzbuVWBDpxvGZ1YLxoUkOYWQ9FdbvXtRQ0ZG-c7s7_YkRgguUlP6xRT4F3vUzEIzbvYEAzTW7IhuD-JerGNrP91je26qeWmG-1MXUXMrrLHJCPdQxsLW6O-rdVgR-YBvmTs4DRMOdRiJkFI7zSPB9UveQsEPDPqu8in5RZFpGmN4FXrdF3RtVPXEM6G9l6Q5BYMDu4XZQVIGAOeF1T_YJ3VF-95iLKgk8Nx2inebtJNunOuv7JB_qnfLHULqc3YA9Z26YizKbri8JnwbepBTDuaae0WGTrFA-YS6SZiPSS6R6IeeBK0tL0r_xAKDsnnkSda9ukkUCyGZWdVKEU6JCsWqYamMPyvvu44IvXxU6_TwoAucA4oWqzCDWRNcWJg0QNpo8sgRga8d1y-b7Hrc2yl4wrHM44TEJIovC8pfUKf8b3avXrG6SBhBQHVHGZPLVDFhGK77mB9IxnF6V1Xji9oyH3e&cid=CAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw&rfl=2%2Chttps%253A%252F%252Fwww.malaysianow.com%252F%240

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137c2c9208370792c9acb91d495d77e62ec53ffeced33de23110e742b81d5c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 5BF6 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 03:16:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BF6 124 KB
38 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 03:35:40 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 5BF6 15 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 02:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 02:34:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5BF6 0
0 34ms
15ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTassGUkWebC2fbbsCRWVc6gYbUf1t174UaFGMdRI5XLTLafaOSufDk6zUXkuZdvxXpLumSod5GKK5KLYcAeSaTAG-urQ
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BF6 42 B
63 B 15ms
15ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZ3-gGgKkG5YZxJvva3zQ3NaJOmp67xLF6YyeWVHySO0S2LliQNkUg7Lxe_JDP5QxLcS6iLOMKFhLZcJ-bfPGP1O1Pu9a8d6VehDTSOJVJFpxGQcI

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 19ms
19ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220210&jk=3316557274000083&bg=!ZmWlZSHNAAbAtJCDwLQ7ACkAdvg8Wq6QWWzzD-2kNsM7CC8enVdn3rmUJOsuNYNLB3R57736MxltpwIAAAB8UgAAAAFoAQeZAskGi06cesbFawmpaLPc5VDQRr7qjOT3YeleZthEQMM_2M9pohufZ4W1XQqZeePl5ubX9TBdxs828HsjwHqm2X2Fay6Dmtout9VVVSbnsNMgPfcwI17EeYcUSkRKH-eknxfuDf8V7jsy3wLyzxfFTyomPGNjAOiyKVgEK_s77GD4PN_e5-0FTd58Cwake3DuyavbZeWnk5r7AI7O4XqFJF21xlPEhw5JItIZX0MyLxojAkgAWJlnvkunK_w0KbVU2nCpFr4tOrw10icRWSDBVlJbPKiYKbivAPGsCQRxC-iJHlfIl2RJ9KXtveTOqeZqrwPYmMGOZ6k7xBn_b4QKzV-2mmGFI-Yu8-soHa6HvfxoeIzuGGyb-WNF7mbvYO44gVfkBPjINtULn-4AGdeFe0ebA__GB-BxnYnQNW7oHJJpVo0cl5SS0TKyit_-goJhP7ySJLgn4aqXZXk-YniKOxFFkRPLv8A50YhWoGCpQAVCGC_brALxKJAjEbC3As-WSTUovfBL-gkpxmdKCt3M2FFM3naotdd08tpnpIzkdozrYQbYOGgMsAQgpz7GVw1J1DZrD3sHKNx_MbGXEaRMqnf4PSbFKXGwvZQITokqg2FClM8Mxn01pSOkEJGHlpBQh0KOCfQczTa7GDVEVIM3VuITFHNumi9N1WchjG_r0DmdBv2KO_XYuS7WjLEEC7Ht5f8ygQA96N9BtLbB4rwnVB5Hm1xNIhWSj_5mQdhudx8ZDsrp9Tll4qZAA1upFd0xY0uviYYrwW__YwTN_UQ8x7u1bzorp14coIKmMYS1iKYk2hhHnjVstTqGAv7bTeT0_JtOO_atNeqVI8u-P_5pX1TPGbNkWNhYhyM94GogHNlu8SkF5kdaiVJ1-vVf6X9U4MnXydKhO2Iv0ubCkNwjiGXe3sbKyui8t8Qt4yAa0FzT3S19Hi19_ncrLA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D16D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1

43 B
1014 B

27ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNXknYPucZSlI9L5RTYkql5aMY-6mpbgBK118HxN1xb0KHuIOeKyt-WJDwqvoK3r5FohV44xsbww_Z5dOrMBYfpX_2rxxzAxs150GqQy2GVJQMp0R0zKBSKbOWZCULRHFlbGYYdSExFy9xI2LhamqNdQ25wrz70PZH_ufVL54ZSk7SNmpKk
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 03:35:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 15 Feb 2022 03:35:40 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D16D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgsfjBB3AU7B98BZnOHvZAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1

43 B
894 B

13ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNXknYPucZSlI9L5RTYkql5aMY-6mpbgBK118HxN1xb0KHuIOeKyt-WJDwqvoK3r5FohV44xsbww_Z5dOrMBYfpX_2rxxzAxs150GqQy2GVJQMp0R0zKBSKbOWZCULRHFlbGYYdSExFy9xI2LhamqNdQ25wrz70PZH_ufVL54ZSk7SNmpKk
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 03:35:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 15 Feb 2022 03:35:40 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFaFZ4HFEbakImxMovOjE68&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D16D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAuLERq2lWs4Kawqtp5bXyg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAuLERq2lWs4Kawqtp5bXyg%26google_cver%3D1

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAuLERq2lWs4Kawqtp5bXyg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNXknYPucZSlI9L5RTYkql5aMY-6mpbgBK118HxN1xb0KHuIOeKyt-WJDwqvoK3r5FohV44xsbww_Z5dOrMBYfpX_2rxxzAxs150GqQy2GVJQMp0R0zKBSKbOWZCULRHFlbGYYdSExFy9xI2LhamqNdQ25wrz70PZH_ufVL54ZSk7SNmpKk

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 03:35:40 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1975f6b3-7455-4873-98cb-45efd91e9b29
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 03:35:40 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f8970687-9e52-4ed6-b387-ace836eadb0f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAuLERq2lWs4Kawqtp5bXyg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D16D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU1OTg0MTgyODI4NTM5ODkzNA%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU1OTg0MTgyODI4NTM5ODkzNA%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 03:35:40 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ea27519e-6ca3-47fd-aa88-10df2f688715
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU1OTg0MTgyODI4NTM5ODkzNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame 5BF6 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag3IFvOLXGghTpHWQzmGppOH5hOmILKfpO2Imb5tTexT1578vCJ9bDrJoo0HZOzQ2KpaC8flBHYhhe2fIvTVpmOOiMYZVwJH1n8GZjj6B9EXEnSALqp_rKapBnAJzQEcBfv5NLZG5MXm20SRRtpFvaTn9akw&cry=1&dbm_d=AKAmf-CAKhiEA5EExpvLo5mPkoWEP8KbHM1eLGDsGPQZKsWOHBNdrJF9dSjaYKi1ItD8wdrhfeeDsMb1utufP71HLRUKd_O5EzHGW57wMyTa3DvxhZx8oolhrb3ZUirqSGDBOuv04yWZYimFi3jmHbpz9DMV0LRR-MX5h8SmoM_QtTe4KdmbtXw0q69XG-i3PAKMW1V84B8UwvTFCcFh04fEkECp7mlIR_aemtoiEDuq4eDQ5voUbPrl_Yu_z-3sBhlDpajAazeTt9VkYFwrhOkcslMihPkA4pS7MFKFIYNDMadRXfIVC5Of7SKwVSLehZtcwIYaS_c-wtqLJtriN1oyio40i7NjKLgZ1oUly2pqYmHZgkhSDPZ9NKbRENG3vu__g8uDS1KuJN2X7-tt8hDVmT5Oq8okGF_dN4c7JtD4OUUfTVPui5FhalFcEBCnDOrn2TTwYmYBP03EOWrHRAUAW99SruJTq1Q-a2oh5GwzFRKtyaUW8hTSKf1BZWqOJ6V9pPrPS9wPu5lRQs1aJo74Tca6h6OpC3DFnZm99BqcXsaG2W-K1DJmgwqrcRwCCXoTwrhasKkSMhIFVeWlQ9OTzRhQ11Txrxos8ytnmzOA2a-tGUSTyZI6EMi9z6jMd2P_O1PnkrvI4UNWuD4o7H1EdAEzvRE8oOm_S3uRBc_lboojm0YZSkKJMUMiYw82oFjJiQadgW868lAanG7EKrrpQGgs-vsWtDQUJkh9Urq3G8l_yf0gzJMJzGVI0Q_jmCkxvIrIvlDdlRLIiqFaxmdrxSU04u4yBBrumfdiy8M1Nws92bWlQqhiAYjn8P_2BLaYbk2WnBf62FKgZ6pq0hjgIsk_v4O7toxxPNbxJiuicqnDg29MMMloY-v5VtSYad-5CEdmGP7qxaax-7Wk5MAJlNXR3qAx6NW8PIWvkQ3gPsqB2BRMl2wAftLNcTCiTDCRtehCYXbLqA77VM65AFOBmUiNlI3DxzbqjYPvexrXxnlPVKLc3nZEFDZzLcuL7XHhUky2Ja9FXv1B_O0IVa3EJHTCjvgwgGx-uudPM0-0-wsDcBu-HewbDNG2q_wSxbe9Ip2ae-3WPgfQjtd5MWvoBARwZKUM8N5XznKbg9Uf4Rd2BN00jgXUPhMO2Y-1rl_XoS9uTsNnLXamqqLMTv8TL5ro0gp2Xq_-lFxsDiZR02sH0foPV_1YB8x16sRslkAc1YoIXw3w06D861U8y3PHTdjB0xlzrt95-gSncd66nf24XeAMvkFSiqnBDrOwzeVVje0uTkOC3aLwMnOK-8yUjmKLiGmqXzQT-8f7v1530Ox3ubG-9XQ-smSK8bj5q6plh6V2mn1-j8CrvjKyxtgbmH2ruJ1kiuZ6NXhllht4fAIuctAAFlPKe7lwbcT2LbngoszHL7lRFqRHXr--sX09xR5WX7OL-iSGrvf-ppjYk_zleTVrY7TV897JoHWnZgk0KLEQHAK8F___8RSZcIcNdkBE4ONatjOTpygXWvsSnSdL9PrweaDFI5UVbKt1OznRE3EJ8bMWljg3Qf59i4JFkTs9BwD8wxXy_Rjq-YgTsf7YmZLaeJ3ZlrvrWCpoNn-yU0FdqjtDDOKv-6eeXzCT2Et2VH-09RnDhzrNQomzuQQeztqIQFNliTWzwyDzbN1538E15RW4fu3mXrFKF_97zpo-MkbWuWZrJW8pe6SsYWTmh4w-r7zl5XbA1Rl2Xqxuvb0wNa7gyozkbaDjQH1pZvH2-l2BZ3Va9q9PyPqQo_hM6BB87Av-Jcdo2Aehj2EwNfHo95DdFfWwqnQ7a8-iKFt6FPgOO8NiYoILZR4PQ_jHEeDuH9Bg6Yd48iZXwIqVzO05DI3LsD9X3nzjS8Z1-wzI8Ezin7BN4eouk_y2XuskxLr4YFdzhsPNXkwegquhR8-FXHgxXOqcVFJxFyiqvhGn15EwfJoABbFyoVVLRU-HZH9-LEUwPU24ZTrdA-ufgBj1pEtps5xTx5Iyd8vw1PtAb6ii0cAju8axc1EymIxCoeIgPItc9fnQ5HgIw3Pi1jFkRTztxBQ9X7EcGH7n7xYVMkutwAu7kMtQDL2ncxh_-f3upHKxbzlklt5q3kJVNZ5UpicAf-xvMTGN84qGOL_7xKEFTAX-zH031wOTaIB2DsKuygYWKwLQQyQKJ0URstRY_VIBDAPiLXW9zX8Xv0fwperF0ZS5wBy89MYPE0hfTPlF71SAn1Rjx4rDR6eLxwyhk6G_pAHiJ6UYdOmd02BImCtPTV123X9iJILkcvk3tjA129RG-w3mC06YAWJc910__WjV0A5w1tHlxvZdd7rOocb58wj75u7Vi00Req-U7enmkNfssJWQkvST3SB20WPxiYzU_PA1HGNuLnv59WuowebSMMts0SmsOy3cLtOt3Bex7llwSmNA0jFGJYY7q-CiGRN51ZhOUYYllHRkEYiYk8cCelyu3KDhWCWfnpHQU49O4vJNO9jHjbPZSYYjEZ6NYc86GlNMaWCJyKp9FI270AUmhwKdN6r_Im3PXhw7bmTQe93fkxgQxEBMMqmFEmd2DEw9iSGAA6phFVAC2I5PFyv41wKdS6MQk3cVY9-qkdfq5Sqz1AaYxcUEnXq0KXQnWketKQ739ddiGJqfXEnbWB2GauEGs1NrNfRrTyNvI6qB_pk0Df8SaCbtZ-JJohgNPQFBMSx8m6DvRNX0_QAJQWpH87l-rZ5GNhHeAqkR-hIWlcX8EWfwiF8Rf2wiQXGyUCsBH3AlT7XxCmIre_a7j5U1LIiIhohWdpoXxpDuY0rqf3Bb64_5UVWJHypxKN9D-XE68i5nguLK0Vx57ZgkTai6OwPiR2NfWBYOT6oPLNKEzPiTFY11_UhCC0wn_pklEwQ9CoYAatDV6Gm-GEwVCJxrYlK6UuVskf9a0DZSbEzbuVWBDpxvGZ1YLxoUkOYWQ9FdbvXtRQ0ZG-c7s7_YkRgguUlP6xRT4F3vUzEIzbvYEAzTW7IhuD-JerGNrP91je26qeWmG-1MXUXMrrLHJCPdQxsLW6O-rdVgR-YBvmTs4DRMOdRiJkFI7zSPB9UveQsEPDPqu8in5RZFpGmN4FXrdF3RtVPXEM6G9l6Q5BYMDu4XZQVIGAOeF1T_YJ3VF-95iLKgk8Nx2inebtJNunOuv7JB_qnfLHULqc3YA9Z26YizKbri8JnwbepBTDuaae0WGTrFA-YS6SZiPSS6R6IeeBK0tL0r_xAKDsnnkSda9ukkUCyGZWdVKEU6JCsWqYamMPyvvu44IvXxU6_TwoAucA4oWqzCDWRNcWJg0QNpo8sgRga8d1y-b7Hrc2yl4wrHM44TEJIovC8pfUKf8b3avXrG6SBhBQHVHGZPLVDFhGK77mB9IxnF6V1Xji9oyH3e&cid=CAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw&rfl=2%2Chttps%253A%252F%252Fwww.malaysianow.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1fc1430cd75c53c33175084b982a96bf011411382359e98c9c327f7c229acae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9601
x-xss-protection: 0
server: cafe
etag: 14683223144942375712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 03:24:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BF6 41 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Feb 2023 14:50:20 GMT

GET
H/1.1 200
OK kumirww3i0oj Show response
hal9000.redintelligence.net/zone/ Frame 5BF6 11 KB
4 KB 51ms
13ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kumirww3i0oj?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6jWNjB8LYrGtFa7D7_UPzt6syAvdreioYM_qz-SfCvAuEAEgy_iRfmCVgoCAsAfIAQmpAt1xwpoW-LI-qAMBqgSVAk_Q4rObItuV4tjsMtud3SFCcQ3um6XZz0NCtHZwDw59IjccyOfk711mgGmQSb7tX7ui2PlkVHvEDT8WXIZ_MkUTwRm9Lhu5qiUjG6f806Z-4-1GRxWGnv_4RzoKrviwYjCRilz2NvilwG-g8NGiBLpPONoaHe03s-geZh6nLcAJ1BuyX_lhg7Ln2MiCVVUIG7P4HtK0IclWS2T-nOsh4cDrFnxFMtFDRAWn3NWhH0tLxhgVOiH25PPewKUTamYWqKdzkS64vyx7WyhWKnthGb2gy9EfEBysVLCv85HABzejOD8bQ4PVef3HxTXzTlwNvEWYoTQdYtsPTqElbrD6xLQDZBdNRYDN4XA9lJpmqheinINV3DvABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw%26sig%3DAOD64_0RMMIJI2UgrRq5pomzbUJHt5onLg%26client%3Dca-pub-3590853924723071%26dbm_c%3DAKAmf-CQjYX1Q2s7L3UMotv0dWys5xk9DkLOvk5uJeiG9sB7ZZC7jm1RVoVSNO4jz2X1XX2kRXahUhdEE0z3zuFE2OirP3S-0vRMEdZK1I9TRlHBep-KQDw5_jcL2J2kD6e7exXZOkNfvPtzbK7vZaqiCmwCBAZb0g%26cry%3D1%26dbm_d%3DAKAmf-A6079PQxFxkTORJjAYciPoWll32BzUSBRXJ5iH7rNd8B6RAcLUIT_aE5GgpSJKzYGOND7IjqR1ioelNMHS6NfcbBs2dJmIKrU7LPjOSVrX8_mdu_edKfUaR9EiKyzyDEJO4JDz_xq_SpLrsDqfvbRbyq5ab6pUXu1_px7j70f-DuYr8iKD8TZMzKVwsTCdhotovkguy5tSBF66fpez5bTSWaI7bDw4UTtVGubYsLAE3cvxOiNrfzDmdD5I1OBIO4SawuXmEH7boAIw5MP942quWUEStCaif2OjFOFMTVu-usaGaGWavRT8dwKjXIuKh4nQi_mDtijiPeTPWBvYahpbn6YF94dsJJRl8vG3jOrj0jw3AqGeXC7Kx5kUfrp6r8mbacCMrTKGPVCaD5SFbEiid1Q2u1VFZ9ZrpmSe5U9PyvpCUMGRDTQ5pkP149-AwcVZ1vPHcZKbv0fwnf2FpkWtXsNTNp2menIOfLvC-TGSdaOJEJOcy9mxfjdvsoR5rt611n_yhHhKrGizH-5z0DOmoj02kJq_7rlzYMzyJaZGZVsCMhCtDJlEU2BWxUyqgFpV6rmU%26adurl%3D
Requested by: Host: fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com
URL: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 90bc33a203c8a5e4c734e5ad5f816945b7ca0ab341f3d18788a09275346f535e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 03:35:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4051
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A2AF 22 KB
8 KB 18ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Feb 2022 14:50:20 GMT
expires: Tue, 14 Feb 2023 14:50:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 45920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame 5BF6
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

183ms
159ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6jWNjB8LYrGtFa7D7_UPzt6syAvdreioYM_qz-SfCvAuEAEgy_iRfmCVgoCAsAfIAQmpAt1xwpoW-LI-qAMBqgSVAk_Q4rObItuV4tjsMtud3SFCcQ3um6XZz0NCtHZwDw59IjccyOfk711mgGmQSb7tX7ui2PlkVHvEDT8WXIZ_MkUTwRm9Lhu5qiUjG6f806Z-4-1GRxWGnv_4RzoKrviwYjCRilz2NvilwG-g8NGiBLpPONoaHe03s-geZh6nLcAJ1BuyX_lhg7Ln2MiCVVUIG7P4HtK0IclWS2T-nOsh4cDrFnxFMtFDRAWn3NWhH0tLxhgVOiH25PPewKUTamYWqKdzkS64vyx7WyhWKnthGb2gy9EfEBysVLCv85HABzejOD8bQ4PVef3HxTXzTlwNvEWYoTQdYtsPTqElbrD6xLQDZBdNRYDN4XA9lJpmqheinINV3DvABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw%26sig%3DAOD64_0RMMIJI2UgrRq5pomzbUJHt5onLg%26client%3Dca-pub-3590853924723071%26dbm_c%3DAKAmf-CQjYX1Q2s7L3UMotv0dWys5xk9DkLOvk5uJeiG9sB7ZZC7jm1RVoVSNO4jz2X1XX2kRXahUhdEE0z3zuFE2OirP3S-0vRMEdZK1I9TRlHBep-KQDw5_jcL2J2kD6e7exXZOkNfvPtzbK7vZaqiCmwCBAZb0g%26cry%3D1%26dbm_d%3DAKAmf-A6079PQxFxkTORJjAYciPoWll32BzUSBRXJ5iH7rNd8B6RAcLUIT_aE5GgpSJKzYGOND7IjqR1ioelNMHS6NfcbBs2dJmIKrU7LPjOSVrX8_mdu_edKfUaR9EiKyzyDEJO4JDz_xq_SpLrsDqfvbRbyq5ab6pUXu1_px7j70f-DuYr8iKD8TZMzKVwsTCdhotovkguy5tSBF66fpez5bTSWaI7bDw4UTtVGubYsLAE3cvxOiNrfzDmdD5I1OBIO4SawuXmEH7boAIw5MP942quWUEStCaif2OjFOFMTVu-usaGaGWavRT8dwKjXIuKh4nQi_mDtijiPeTPWBvYahpbn6YF94dsJJRl8vG3jOrj0jw3AqGeXC7Kx5kUfrp6r8mbacCMrTKGPVCaD5SFbEiid1Q2u1VFZ9ZrpmSe5U9PyvpCUMGRDTQ5pkP149-AwcVZ1vPHcZKbv0fwnf2FpkWtXsNTNp2menIOfLvC-TGSdaOJEJOcy9mxfjdvsoR5rt611n_yhHhKrGizH-5z0DOmoj02kJq_7rlzYMzyJaZGZVsCMhCtDJlEU2BWxUyqgFpV6rmU%26adurl%3D&documentReferer=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.malaysianow.com&random=244856580860&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com
URL: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 26ccbc68cfd388f01b58c871e6598790f8d50cb15f1a2bdafd6b10f89ed67439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 03:35:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 95831900010493800757617011871001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 722
Expires: Tue, 15 Feb 2022 03:35:40 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 03:35:40 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6jWNjB8LYrGtFa7D7_UPzt6syAvdreioYM_qz-SfCvAuEAEgy_iRfmCVgoCAsAfIAQmpAt1xwpoW-LI-qAMBqgSVAk_Q4rObItuV4tjsMtud3SFCcQ3um6XZz0NCtHZwDw59IjccyOfk711mgGmQSb7tX7ui2PlkVHvEDT8WXIZ_MkUTwRm9Lhu5qiUjG6f806Z-4-1GRxWGnv_4RzoKrviwYjCRilz2NvilwG-g8NGiBLpPONoaHe03s-geZh6nLcAJ1BuyX_lhg7Ln2MiCVVUIG7P4HtK0IclWS2T-nOsh4cDrFnxFMtFDRAWn3NWhH0tLxhgVOiH25PPewKUTamYWqKdzkS64vyx7WyhWKnthGb2gy9EfEBysVLCv85HABzejOD8bQ4PVef3HxTXzTlwNvEWYoTQdYtsPTqElbrD6xLQDZBdNRYDN4XA9lJpmqheinINV3DvABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw%26sig%3DAOD64_0RMMIJI2UgrRq5pomzbUJHt5onLg%26client%3Dca-pub-3590853924723071%26dbm_c%3DAKAmf-CQjYX1Q2s7L3UMotv0dWys5xk9DkLOvk5uJeiG9sB7ZZC7jm1RVoVSNO4jz2X1XX2kRXahUhdEE0z3zuFE2OirP3S-0vRMEdZK1I9TRlHBep-KQDw5_jcL2J2kD6e7exXZOkNfvPtzbK7vZaqiCmwCBAZb0g%26cry%3D1%26dbm_d%3DAKAmf-A6079PQxFxkTORJjAYciPoWll32BzUSBRXJ5iH7rNd8B6RAcLUIT_aE5GgpSJKzYGOND7IjqR1ioelNMHS6NfcbBs2dJmIKrU7LPjOSVrX8_mdu_edKfUaR9EiKyzyDEJO4JDz_xq_SpLrsDqfvbRbyq5ab6pUXu1_px7j70f-DuYr8iKD8TZMzKVwsTCdhotovkguy5tSBF66fpez5bTSWaI7bDw4UTtVGubYsLAE3cvxOiNrfzDmdD5I1OBIO4SawuXmEH7boAIw5MP942quWUEStCaif2OjFOFMTVu-usaGaGWavRT8dwKjXIuKh4nQi_mDtijiPeTPWBvYahpbn6YF94dsJJRl8vG3jOrj0jw3AqGeXC7Kx5kUfrp6r8mbacCMrTKGPVCaD5SFbEiid1Q2u1VFZ9ZrpmSe5U9PyvpCUMGRDTQ5pkP149-AwcVZ1vPHcZKbv0fwnf2FpkWtXsNTNp2menIOfLvC-TGSdaOJEJOcy9mxfjdvsoR5rt611n_yhHhKrGizH-5z0DOmoj02kJq_7rlzYMzyJaZGZVsCMhCtDJlEU2BWxUyqgFpV6rmU%26adurl%3D&documentReferer=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.malaysianow.com&random=244856580860&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 15 Feb 2022 03:35:40 +0100

GET
H3 200 QXXtNV2_rimJ59THO8yAvlzUBzNnyKLIOF0f-vbqXN4.js Show response
pagead2.googlesyndication.com/bg/ Frame A2AF 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QXXtNV2_rimJ59THO8yAvlzUBzNnyKLIOF0f-vbqXN4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4175ed355dbfae2989e7d4c73bcc80be5cd4073367c8a2c8385d1ffaf6ea5cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 20:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13571
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 20:30:04 GMT

GET
H3 200 FW1218953_PTJ14_11012022_MACC-lpr-1024x682-1-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/15080858/ 6 KB
7 KB 16ms
15ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/15080858/FW1218953_PTJ14_11012022_MACC-lpr-1024x682-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a81d8ce9b6db9419adbc3fe17cd972edd93ecf42d27745de4b5f8b893504cf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
cf-cache-status: HIT
age: 0
cf-polished: degrade=85, origSize=7140
cf-ray: 6ddb7cd009eb9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6491
x-amz-id-2: cn5oRmWREwtzna0Ds9Ud+bHqKej+eb7RjkbFZWiwPVQ/m+DEx+pmJ5MF9ZIqAeYFXl+S6NvAXbU=
last-modified: Tue, 15 Feb 2022 00:09:00 GMT
server: cloudflare
etag: "bb0b91228562ad54f651c8b05ef7f43d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVABFRKKGA22G1C4
expires: Wed, 15 Feb 2023 00:08:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 200 FW1218953_PTJ14_11012022_MACC-lpr-1024x682-1-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/15080858/ 6 KB
7 KB 15ms
15ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/15080858/FW1218953_PTJ14_11012022_MACC-lpr-1024x682-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a81d8ce9b6db9419adbc3fe17cd972edd93ecf42d27745de4b5f8b893504cf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:40 GMT
cf-cache-status: HIT
age: 0
cf-polished: degrade=85, origSize=7140
cf-ray: 6ddb7cd03a0f9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6491
x-amz-id-2: cn5oRmWREwtzna0Ds9Ud+bHqKej+eb7RjkbFZWiwPVQ/m+DEx+pmJ5MF9ZIqAeYFXl+S6NvAXbU=
last-modified: Tue, 15 Feb 2022 00:09:00 GMT
server: cloudflare
etag: "bb0b91228562ad54f651c8b05ef7f43d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVABFRKKGA22G1C4
expires: Wed, 15 Feb 2023 00:08:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2AF 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B01BzjB8LYtz8JoKE3gOk7pHwAwAAAAA4AeAEAg&bg=!cnGlcTXNAAbAtJCDwLQ7ACkAdvg8WjVvXcX-NdOSbInCmK0HeOmFQ_pCnuaTWhVIRyNmkrxIb4EAZQIAAABPUgAAAANoAQeZA0cHWwJLL2VqEa_bVoClQdV4aoN0c1fI3fMTGKPu94-1fMuvy4RRhXL-f_UFsLdmV3vgimBrYkpQjuVqOgQy9-9pjcGY0yuCrs-FXiNRn5uDY4xoT0eg7NSpU_MKYppOWElIoT8cFwBiHi4b1ftJoEYcokKOPCCD6DB-VEx38YoV9CBjKzNSzc6iorsJ415oDRn9etapsB8eEhyKhjko_2XkxRg6G4sg6t06n4ddlykhuICMhzsqqHkTpR4yyN5Qrax3PfbrNIWL3nLcBWzr--NI2ng23eGLnIimsmqlOemv7QChPjQkcVOMsTTOjxZahPIXsf5VttxXgwMfGwlJWwWHo7hUP3ZKLWXczrrwBWPV3JgulaRkZmsHBu487bChM8JfrGnrf8gYL5tEzBFfwN8RRK6dqM_fhDnQo8wcIdmyNOWAciFerYalRVf98A19SHPX6usoMKT83RVvv0855YreeNumTePWKxm2gWp5RyPEP1vYfFvYF4wpjM9oPnPH-EkktoAfvQKmj20-hPFVlrLtPbgqXmNE7i3OAJWIA9pd1vCmfd3V2PTuc2vYUBJS7qLqK0GlgKz-Dj1Lb9wnLzr6h1-dDMz2Hwa4fRmyr4CSmj27SYrvu8e8JGUqwo7MqGde5azZ7NWsTFAU65BwSQLZzbScfkkJmVT9JKT96TJqH26dmLlOtS_j61y_qvVWbILBVMbPyiRJiKp-8ywkltbY4Pi4MS3JsB41iQDXq3aVG7BDF5XIWBGdpM2p-q_7QHbYWf0S8ycbZRl86enkf_WxvTMsMp2rtbYzuh-iiZ5Ce8WZhcCCWLyMrlBNtgCimQ7Kpm1gT0LyAWZ9Yltdz_vM75mWtghk0pomIwAYpfQLd0NKyiQsYp3gQu8hL_TXPN0d5zh_Bed-UTUZtrP1DWNPqI7I-qLJm0NdK0NKrpOZpGSHysatjgjj08BOeVM6tLRV8PsY0uUnZZuod-ewX0vfLZ6ouT_IQN0ep_9XMDc9J_CekRU85qULNB16-OhDIHVPoTnOhQblBTf9Nru2HYCpOrQP9v0w3kS2c54j32hbmlVvsiX3yRGS_aXa2xhiNjxO1yjlSXNK3aLt2aVnp0IXGLdNyxO2tQ

Requested by

Host: fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com
URL: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 61FA 220 KB
60 KB 55ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 61FA 16 KB
7 KB 53ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 61FA 96 KB
29 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 61FA 5 KB
2 KB 68ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 61FA 42 KB
13 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
DATA 200
OK truncated
/ Frame 61FA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e77c2815174dd045c6fbb51b0b11bba37d4ef73d43d02f3480138096ad9c8bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14828492229214819266
tpc.googlesyndication.com/simgad/ Frame 61FA 46 KB
46 KB 22ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 19:39:43 GMT
x-content-type-options: nosniff
age: 201357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46612
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 19:39:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 61FA 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 61FA 295 B
319 B 20ms
20ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 63755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 61FA 0
0 16ms
15ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2-DDZRP4N_zHR18uXF88x3qEqa0zj1KaYBZYcPUF9QuvyNWA9Q8k842NO_LkS1j3CEcTJzuzjfVyCn01yLuM0ogGC_w
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 61FA 0
0 25ms
25ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMGanjB8LYobQINKalQfElp_ADKDyo4Vo3rX49pIP3NkeEAEgy_iRfmCVgoCAsAegAZyv-6gCyAEC4AIAqAMByAMIqgSdA0_Qk5cMF8sx80udYR5tg8cab7tv1OXEcDn8V94kTyDUK1KbeAHo0kBwzxTi5Vjvci7B2LtSefy2MaKfuL1M3G0Ybn3Hsv58DnOwwB8ZweJ-EpX60QbDeHxyCh9GtEnSsQzzEm0-OXs4mcd38ax2dPMx33THPJ_0LZ_9EIZlZrbbXew5C7r4XMqZSxe3-KrUPtDQJatgzcfNnPFLUoFpd0zCXzx8Hr38iWDSM8K6bNUkqTBY8WqewipnhDNY6Ehf_4zCOEKD2PCHScit-ClVU7VO8oGUXduc_QoyqoorZeZ1iqDkkKSn1IjmhTtFTxKHGbC6dtH9qkT0YLq9o7w07muG7gVo6gJbVdKDJyQ-ucKDxCBW7GE1ejTUlIx4sTvFUOgw0dniUuRd_I6CjLuNjQ7Bljccp3CSGFWAu-1BiEjSUg5RMCFmJ6qKSjpZaAOzFr2EEym3zzvLrcgqd5bia_wnlyBMdZnPzxS6EsCPyjHbAJH7oC3Xqlk1CzQDCBfL6z5KLjZjO4iCWc287emYVFBWMMPsaoyiHDvhdrMLwATm7vea6QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCh_hHSCAkIiOGAEBABGB2ACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzU5MDg1MzkyNDcyMzA3MRi3y3c&sigh=pnQHO_Qm4ys&uach_m=[UACH]
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame EF51
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58739e35f36ecdaea4b4?subid=95831900010493800757617011871001&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95831900010493800757617011871001&actionid=981741&produktid=&dt_url=

0
628 B

77ms
39ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95831900010493800757617011871001&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6jWNjB8LYrGtFa7D7_UPzt6syAvdreioYM_qz-SfCvAuEAEgy_iRfmCVgoCAsAfIAQmpAt1xwpoW-LI-qAMBqgSVAk_Q4rObItuV4tjsMtud3SFCcQ3um6XZz0NCtHZwDw59IjccyOfk711mgGmQSb7tX7ui2PlkVHvEDT8WXIZ_MkUTwRm9Lhu5qiUjG6f806Z-4-1GRxWGnv_4RzoKrviwYjCRilz2NvilwG-g8NGiBLpPONoaHe03s-geZh6nLcAJ1BuyX_lhg7Ln2MiCVVUIG7P4HtK0IclWS2T-nOsh4cDrFnxFMtFDRAWn3NWhH0tLxhgVOiH25PPewKUTamYWqKdzkS64vyx7WyhWKnthGb2gy9EfEBysVLCv85HABzejOD8bQ4PVef3HxTXzTlwNvEWYoTQdYtsPTqElbrD6xLQDZBdNRYDN4XA9lJpmqheinINV3DvABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw%26sig%3DAOD64_0RMMIJI2UgrRq5pomzbUJHt5onLg%26client%3Dca-pub-3590853924723071%26dbm_c%3DAKAmf-CQjYX1Q2s7L3UMotv0dWys5xk9DkLOvk5uJeiG9sB7ZZC7jm1RVoVSNO4jz2X1XX2kRXahUhdEE0z3zuFE2OirP3S-0vRMEdZK1I9TRlHBep-KQDw5_jcL2J2kD6e7exXZOkNfvPtzbK7vZaqiCmwCBAZb0g%26cry%3D1%26dbm_d%3DAKAmf-A6079PQxFxkTORJjAYciPoWll32BzUSBRXJ5iH7rNd8B6RAcLUIT_aE5GgpSJKzYGOND7IjqR1ioelNMHS6NfcbBs2dJmIKrU7LPjOSVrX8_mdu_edKfUaR9EiKyzyDEJO4JDz_xq_SpLrsDqfvbRbyq5ab6pUXu1_px7j70f-DuYr8iKD8TZMzKVwsTCdhotovkguy5tSBF66fpez5bTSWaI7bDw4UTtVGubYsLAE3cvxOiNrfzDmdD5I1OBIO4SawuXmEH7boAIw5MP942quWUEStCaif2OjFOFMTVu-usaGaGWavRT8dwKjXIuKh4nQi_mDtijiPeTPWBvYahpbn6YF94dsJJRl8vG3jOrj0jw3AqGeXC7Kx5kUfrp6r8mbacCMrTKGPVCaD5SFbEiid1Q2u1VFZ9ZrpmSe5U9PyvpCUMGRDTQ5pkP149-AwcVZ1vPHcZKbv0fwnf2FpkWtXsNTNp2menIOfLvC-TGSdaOJEJOcy9mxfjdvsoR5rt611n_yhHhKrGizH-5z0DOmoj02kJq_7rlzYMzyJaZGZVsCMhCtDJlEU2BWxUyqgFpV6rmU%26adurl%3D&documentReferer=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.malaysianow.com&random=244856580860&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Baienfurt, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 15 Feb 2022 04:35:40 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 15 Feb 2022 03:35:40 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Tue, 15 Feb 2022 03:35:41 GMT
Content-Type: application/javascript
Content-Length: 0
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95831900010493800757617011871001&actionid=981741&produktid=&dt_url=
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
X-IPLB-Request-ID: 8AC72684:926A_91EFC182:01BB_620B1F8D_6DE22F9:157AE
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame A45E 4 KB
2 KB 39ms
14ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=95831900010493800757617011871001&a=9a6b64aa
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=20170615f8&subid=&uid=9a3957ce26839e18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6jWNjB8LYrGtFa7D7_UPzt6syAvdreioYM_qz-SfCvAuEAEgy_iRfmCVgoCAsAfIAQmpAt1xwpoW-LI-qAMBqgSVAk_Q4rObItuV4tjsMtud3SFCcQ3um6XZz0NCtHZwDw59IjccyOfk711mgGmQSb7tX7ui2PlkVHvEDT8WXIZ_MkUTwRm9Lhu5qiUjG6f806Z-4-1GRxWGnv_4RzoKrviwYjCRilz2NvilwG-g8NGiBLpPONoaHe03s-geZh6nLcAJ1BuyX_lhg7Ln2MiCVVUIG7P4HtK0IclWS2T-nOsh4cDrFnxFMtFDRAWn3NWhH0tLxhgVOiH25PPewKUTamYWqKdzkS64vyx7WyhWKnthGb2gy9EfEBysVLCv85HABzejOD8bQ4PVef3HxTXzTlwNvEWYoTQdYtsPTqElbrD6xLQDZBdNRYDN4XA9lJpmqheinINV3DvABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoxTs-fFMbsEG9o27OpDynNWWBiw%26sig%3DAOD64_0RMMIJI2UgrRq5pomzbUJHt5onLg%26client%3Dca-pub-3590853924723071%26dbm_c%3DAKAmf-CQjYX1Q2s7L3UMotv0dWys5xk9DkLOvk5uJeiG9sB7ZZC7jm1RVoVSNO4jz2X1XX2kRXahUhdEE0z3zuFE2OirP3S-0vRMEdZK1I9TRlHBep-KQDw5_jcL2J2kD6e7exXZOkNfvPtzbK7vZaqiCmwCBAZb0g%26cry%3D1%26dbm_d%3DAKAmf-A6079PQxFxkTORJjAYciPoWll32BzUSBRXJ5iH7rNd8B6RAcLUIT_aE5GgpSJKzYGOND7IjqR1ioelNMHS6NfcbBs2dJmIKrU7LPjOSVrX8_mdu_edKfUaR9EiKyzyDEJO4JDz_xq_SpLrsDqfvbRbyq5ab6pUXu1_px7j70f-DuYr8iKD8TZMzKVwsTCdhotovkguy5tSBF66fpez5bTSWaI7bDw4UTtVGubYsLAE3cvxOiNrfzDmdD5I1OBIO4SawuXmEH7boAIw5MP942quWUEStCaif2OjFOFMTVu-usaGaGWavRT8dwKjXIuKh4nQi_mDtijiPeTPWBvYahpbn6YF94dsJJRl8vG3jOrj0jw3AqGeXC7Kx5kUfrp6r8mbacCMrTKGPVCaD5SFbEiid1Q2u1VFZ9ZrpmSe5U9PyvpCUMGRDTQ5pkP149-AwcVZ1vPHcZKbv0fwnf2FpkWtXsNTNp2menIOfLvC-TGSdaOJEJOcy9mxfjdvsoR5rt611n_yhHhKrGizH-5z0DOmoj02kJq_7rlzYMzyJaZGZVsCMhCtDJlEU2BWxUyqgFpV6rmU%26adurl%3D&documentReferer=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ffde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.malaysianow.com&random=244856580860&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: bdb208020bdc53ba06118c097b4f8aac85ed990f71dabc9aa67a565c8bb66b18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com/

Response headers

Date: Tue, 15 Feb 2022 03:35:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 15 Feb 2022 03:35:41 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1426
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 tony_kamaruddin_airasia_instapic-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/14101126/ 7 KB
8 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/14101126/tony_kamaruddin_airasia_instapic-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5383efb3768b579a13f6e3f8dd2a17677746614367d24d1e033532dab6cd71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: HIT
age: 1
cf-polished: degrade=85, origSize=8227
cf-ray: 6ddb7cd16b2f9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7555
x-amz-id-2: F9qwr8gfErJFCUmPAF0xI7KL0CxtoNFUF5v2ZBSMhkhafhuakPAGMt2CTFV4pQ0lGYrDawiBNoA=
last-modified: Mon, 14 Feb 2022 02:11:28 GMT
server: cloudflare
etag: "6dab2d6d30872be761ad2d8778ea73c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVA0RFE7MDEGCJHD
expires: Tue, 14 Feb 2023 02:11:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 200 Sarawak_Poverty4_Mnow_220121-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/13231751/ 9 KB
9 KB 15ms
15ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/13231751/Sarawak_Poverty4_Mnow_220121-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ae4ea16ee63624a7e05769653a6d2b6157328dd88db881127f651fbbc4cdd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: HIT
age: 1
cf-polished: degrade=85, origSize=9733
cf-ray: 6ddb7cd17b429273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8897
x-amz-id-2: l+nwUmX6OW8QFN+19Mdcazpxafx4LLEdKG2McTrSSFQkLDLzsiIunVkopTbm5KLR2UCfOl6W1No=
last-modified: Sun, 13 Feb 2022 15:17:53 GMT
server: cloudflare
etag: "d5c23ceb9b1c3815dd5bc49497086a24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVACQEQ2ATXBYDF4
expires: Mon, 13 Feb 2023 15:17:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 200 PSX_20220211_113408-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/14231635/ 10 KB
10 KB 14ms
14ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/14231635/PSX_20220211_113408-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e653ab21aad7046caa14b05f1e7882f32d649b12f4015537db80ae370881ee0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: HIT
age: 1
cf-polished: degrade=85, origSize=10777
cf-ray: 6ddb7cd1bb7d9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9845
x-amz-id-2: q5xOTFS3ugiETewdd/9qmpqAQH4A44Ko2kzyzfZvy6xMAjmM3uarMVOrbxn0M7HLPPQzw4C+Ydk=
last-modified: Mon, 14 Feb 2022 15:16:37 GMT
server: cloudflare
etag: "c0c8ead5a39103a9171c3d23b681894b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVAA118EH3JD79SB
expires: Tue, 14 Feb 2023 15:16:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 200 Sarawak_Poverty4_Mnow_220121-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/13231751/ 9 KB
9 KB 16ms
15ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/13231751/Sarawak_Poverty4_Mnow_220121-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ae4ea16ee63624a7e05769653a6d2b6157328dd88db881127f651fbbc4cdd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: HIT
age: 1
cf-polished: degrade=85, origSize=9733
cf-ray: 6ddb7cd1bb7f9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8897
x-amz-id-2: l+nwUmX6OW8QFN+19Mdcazpxafx4LLEdKG2McTrSSFQkLDLzsiIunVkopTbm5KLR2UCfOl6W1No=
last-modified: Sun, 13 Feb 2022 15:17:53 GMT
server: cloudflare
etag: "d5c23ceb9b1c3815dd5bc49497086a24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVACQEQ2ATXBYDF4
expires: Mon, 13 Feb 2023 15:17:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3 200 Gedong03_Mnow_121221-1024x682-1-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/13192246/ 6 KB
6 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/13192246/Gedong03_Mnow_121221-1024x682-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fac200a450c549e6b210575871c833dd36d572c9786f18f58bd1ee4afc39e35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: HIT
age: 1
cf-polished: degrade=85, origSize=6418
cf-ray: 6ddb7cd1bb819273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5868
x-amz-id-2: gWD7g7hMTyJJdgKmrEMjNawvj+BPrHx/nxWvL5UefBxwDrKMNpX/coC6k2RO4F6+lLX2ZA7EwJY=
last-modified: Sun, 13 Feb 2022 11:22:48 GMT
server: cloudflare
etag: "a255fd0b0706bb188a22ec51f2e3c4da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVA573TWE181G8NN
expires: Mon, 13 Feb 2023 11:22:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 61FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

29ms
28ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Feb 2022 03:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 tony_kamaruddin_airasia_instapic-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/14101126/ 7 KB
8 KB 17ms
17ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/14101126/tony_kamaruddin_airasia_instapic-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5383efb3768b579a13f6e3f8dd2a17677746614367d24d1e033532dab6cd71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: HIT
age: 1
cf-polished: degrade=85, origSize=8227
cf-ray: 6ddb7cd1db979273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7555
x-amz-id-2: F9qwr8gfErJFCUmPAF0xI7KL0CxtoNFUF5v2ZBSMhkhafhuakPAGMt2CTFV4pQ0lGYrDawiBNoA=
last-modified: Mon, 14 Feb 2022 02:11:28 GMT
server: cloudflare
etag: "6dab2d6d30872be761ad2d8778ea73c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVA0RFE7MDEGCJHD
expires: Tue, 14 Feb 2023 02:11:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

pb_ratenkredit_320x50.gif
ad-server.eu/wm/pb/rate/aktion/ Frame A45E
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e58739e35f36ecdaea4b4?subid=95831900010493800757617011871001
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_320x50.gif

17 KB
17 KB

191ms
62ms

Image
image/gif

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_320x50.gif
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=95831900010493800757617011871001&a=9a6b64aa
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 6c37d37a5a490c8cf97394f6d349add532d05321bb097a8836e1a00890093ad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 03:41:20 GMT
Last-Modified: Wed, 05 Jan 2022 11:26:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "61d5807c-434a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17226

Redirect headers

Date: Tue, 15 Feb 2022 03:35:41 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 8AC72684:926A_91EFC182:01BB_620B1F8D_6DE22FD:157AE
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_320x50.gif
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 Gedong03_Mnow_121221-1024x682-1-218x150.jpg
media.malaysianow.com/wp-content/uploads/2022/02/13192246/ 6 KB
6 KB 19ms
17ms Image
image/jpeg 2606:4700:10::6816:212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.malaysianow.com/wp-content/uploads/2022/02/13192246/Gedong03_Mnow_121221-1024x682-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fac200a450c549e6b210575871c833dd36d572c9786f18f58bd1ee4afc39e35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:35:41 GMT
cf-cache-status: HIT
age: 1
cf-polished: degrade=85, origSize=6418
cf-ray: 6ddb7cd1fbb99273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5868
x-amz-id-2: gWD7g7hMTyJJdgKmrEMjNawvj+BPrHx/nxWvL5UefBxwDrKMNpX/coC6k2RO4F6+lLX2ZA7EwJY=
last-modified: Sun, 13 Feb 2022 11:22:48 GMT
server: cloudflare
etag: "a255fd0b0706bb188a22ec51f2e3c4da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VVA573TWE181G8NN
expires: Mon, 13 Feb 2023 11:22:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame A45E 0
150 B 37ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=95831900010493800757617011871001&a=44512ebb&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=95831900010493800757617011871001&a=9a6b64aa
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=95831900010493800757617011871001&a=9a6b64aa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 03:35:41 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A45E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame DA6B 220 KB
60 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame DA6B 16 KB
6 KB 42ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame DA6B 96 KB
29 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame DA6B 5 KB
2 KB 41ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame DA6B 42 KB
13 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DA6B 8 KB
888 B 37ms
19ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 02:36:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 03:35:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 03:35:41 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA6B 2 KB
2 KB 18ms
18ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA6B 295 B
319 B 19ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 63756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DA6B 0
0 16ms
16ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-gKBB3kGwk3kJUjO48ub5TV9wkvriQclmr3qM09JCpdqVKO7r59bL9RqYFWs2r9PZL7JsVqJta5m859N-u1WT39HEFg
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA6B 0
0 29ms
28ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiFowjB8LYuXxNumi7_UP4Ze1wAGFvNyRaMnlvOXMD8yH3JTqIRABIMv4kX5glYKAgLAHoAHTsfnIA8gBCakCOWWmKbPzsj7gAgCoAwHIAwqqBI0DT9Aq7VWfKs3YUskCEviwepE91TaTPxb53ylbJUUakz6E3UAyflrcz4h6JVui5PHsbKP5KXUczlSQsEx6xh7c48bu43Fw4kArpH-Ip0yMX1oxYpqe51l4hRhAGe5LuhbDRPJQLl1IPZTamVmwZdqYLbFn7z9uj-Vd0C8NGHlc_-u5D-pmzvv46tKe9wPwNXKCfDf_GNkXxKBlarpnlZ2-wqKKAXQnBriaVfHHzYP9SB5GvVH7NNhV0bE4hRaKvy8xQEVI0Shfxi7mlBiJCVo8C3tLoTsksd-_MIm87xMND2rswpBWHXftc6c87_oV0qrOVox1XuG84TbjHbV64KHWFZaFB0j1iqh7NklTK8vJsylJd-kJwO-_zj89ti6RAdR2Eh89e7kE-kma-Q_n2JeJdKIaKQIa-7DDpC_VdNb8p0kZcNkbRzqnZWOgExfm1B4hYKV-106FYuT3RWiAOYb30anK_BPElX7RiZAB8_tSv-gNCDhl2uZodf5f1daWup7Lw5y7OfjX9ftNpgf7IsAEu5bOne0D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9aT5TioB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDevwPSCAkIiOGAEBABGB2ACgHICwG4E4gn2BMCiBQB0BUBgBcBshceChwIABIUcHViLTM1OTA4NTM5MjQ3MjMwNzEYt8t3&sigh=2oxYcdtto2c&uach_m=[UACH]&template_id=5000
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 57AD 220 KB
60 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 57AD 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 57AD 96 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 57AD 5 KB
2 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 57AD 42 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 14828492229214819266
tpc.googlesyndication.com/simgad/ Frame 57AD 46 KB
46 KB 21ms
20ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 19:39:43 GMT
x-content-type-options: nosniff
age: 201359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46612
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 19:39:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 57AD 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 57AD 295 B
319 B 25ms
25ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 63757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:53:05 GMT

GET
DATA 200
OK truncated
/ Frame 57AD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7342ed6a60a9a451683816936b701c0081da7df69e3de965b957fda84f7dd29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame 57AD 0
0 17ms
17ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCb_IGUal7YYBjCVPMW2VE4ibdnE9jJ2t_X6IpMN4kgDW7Zt5g1yeAlmIWGumZ8wnnTISosCYEWXBpWabBGwaRYa6qSQ
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 57AD 0
0 37ms
36ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CN8eRjR8LYuvSCYyA7_UP8d-rsAqg8qOFaN61-PaSD9zZHhABIMv4kX5glYKAgLAHoAGcr_uoAsgBAuACAKgDAcgDCKoEkwNP0EZFKeDWMGGiUE9R_f_0AwqhbkOqUcyEVQGnl9lnJBIX9S1qXE8VyEOfQR_-O_hwncKogA2dz_LZtSyiZ_suAaA4qE0EfJidnjJne0TSE3c81I-rSH4nnoUYXgha1-6tsWRRYqQtoRL6CFdLW6yZXcw8HBRxT3lanWCDqTAhNR1_yKBUSOU0JA-NI5dTDKekCHe7S5rsIL-U6bioZIrw8Yz6j_RiDDynlHVAzvO9F8i9MuI0BMCDkN2XWm2mnO_w7_z2DIP6KSV4oxvJigsWaGf1N0xc61_3C2jGyXjSO_rQfs7viSjOgZNMaV4UmnCtv9DyZX25bbS25_wY4KO0JWdfJ2qDekOU_zbc17escvDazVD3X_S1i2N_-H8QQOa-fSqJGXbIdeaVusZKdY_lqFQv224tXIKl3l6A89tsMaKvFaZd1eZF60eKHbIs8IwImaIqHvp0DeSb2SxRbmuoZme8nJvCYDxjNMzXk9TrTf5SX6BZyLnvX1lkQMX7avOcTlR_QHzuRtgO7giDA2Z_Eds0wATm7vea6QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDL_RzSCAkIiOGAEBABGB2ACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzU5MDg1MzkyNDcyMzA3MRi3y3c&sigh=qDxCpZVuzmI&uach_m=[UACH]
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 57AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

38ms
38ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Feb 2022 03:35:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 0689 220 KB
60 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0689 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0689 96 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0689 5 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0689 42 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 14828492229214819266
tpc.googlesyndication.com/simgad/ Frame 0689 46 KB
46 KB 18ms
18ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 19:39:43 GMT
x-content-type-options: nosniff
age: 201359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46612
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 19:39:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0689 2 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0689 295 B
319 B 23ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 63757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:53:05 GMT

GET
DATA 200
OK truncated
/ Frame 0689 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5be11609d62e8250a3ee4a6910054c1c24f42f53edd335ac39534b3801f1597

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0689 0
0 16ms
16ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjLpvK82AOCE8fa-Q4S9n2B9cmVS9AWcos6yzA1hoEovsTo0p-8H-EoREtKV3DLlwLqmER-Bh1PftzSZ5-7c8YbDj-uA
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0689 0
0 24ms
23ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWwpKjh8LYsSDBI2R7_UPnJqP4AGg8qOFaN61-PaSD9zZHhABIMv4kX5glYKAgLAHoAGcr_uoAsgBAuACAKgDAcgDCKoElwNP0AANnrhlEuzOYS_IpF8tq18SmotqInOu4H63LoE-uKR12TqilXUDEfubx2p8OLYQ6YBRM4f_-djBcnqD9UZyeBcqSgfpFpbc33hq3cWfBBal2jODgRTIwWDKgKVu-XulOnzXdkmE-bwfcf3S4KgyGpHrM2jaryDRNWtdDW9pgk0Pl-puyIn0JCgfJDs1iQWPe4-YPTZmnh3p47bMdknWP6I8vIn1RQH_HkgZIn0fsSI4LncImXzEKWnJK0iqZNgCLKlPd6KCix2r19ndP_FZyzN_lzBCCDPI7p_a_iB2GODw3Tvau7YpjrF_VbIpv3XF4EJD4UjIIcX6QITIpOE-RE7Du8CQFKQ_Hdl7-RYwJFhY07TZ6tkAUrclDPL-3BNm2PzDj6YJt3CS6D9Teh013QNl59OJO5_DK8YAKmpFa6uU9bWMXUvffRc1MSa-1E5CkwQ0gJX7Y824uab9FJ1cqYmQaPWUWhPpwv64QbEVaBbsOc2evz4bdCui5iWs5rSbkyiqzfIZwefjxVVb1hdBmTd0s0glWcAE5u73mukD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQm6YX0ggJCIjhgBAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTM1OTA4NTM5MjQ3MjMwNzEYt8t3&sigh=Upgzg_VG2gI&uach_m=[UACH]
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0689
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

38ms
38ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Feb 2022 03:35:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame CEF5 220 KB
60 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame CEF5 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame CEF5 96 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame CEF5 5 KB
2 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame CEF5 42 KB
13 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CEF5 8 KB
888 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 03:24:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 03:35:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 03:35:42 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CEF5 2 KB
2 KB 19ms
18ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CEF5 295 B
319 B 19ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 63757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CEF5 0
0 17ms
17ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJ4UYR-P0gNwVPO2F-uGG5aVumMi7Wi4T2BkHFDEK3l6BkR06azQFt-4nN3g7V_aIDtfgyMwWzCCsAtPA_K9ucRL6E8Q
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CEF5 0
0 23ms
23ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CD3O7jh8LYrDUHdqR7_UPiceUmAHZus6saLvryOLoDtzZHhABIMv4kX5glYKAgLAHoAH-y4KfA8gBCakCTdMrEIr3sj7gAgCoAwHIAwqqBJsDT9Cfir4pNZawoAUvWpxmABMQrGqLWg5IXpaFpxOPgUV4UssxY36hLiT3XROAVTYz-6HDWcMHCmjm4XHDzGdw1VF9UtcoFyMH3yn9mYz9wXAgy3afXmUy5CBpJqMYBCh2onYggUHOtKlSu4PGKA4kf3WHjXbhaAXHXCoKJRfi-PYK70XOMj0ugwVkqaefDx9nE1JZtsTb6-CeCEpLdjMsYn0oC4qJUMPMx9COLlnLW8GbNrBtg8RKSr6UnWbNhtEeDMnFdS3XYBjBl-b9kIJt7W4_WQMFaXJPijApis_zy68AioBUrMxw-anCSCHP3y8LZ4yFBlJl2sdSPrEzZGYiuvF3GKC5rDECslhmk8FMb_b_03j801Y2GvYzA_aA2SnxPN2NLjW1D0u--T8WCWY_wKDUrRIzc7LhApamGlE-TYUynebcamswxz3x4Xp7rjnQETbEAs4kf4GnH_5Xf30FnJvzWvKH62N32ZBrQ6z8acmTszREqJJG3CxxGIqzHfAnS8L5qKRXUzz8MmEnoiCe85FtBh9DMRHGqtADwATe44j93APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH6rP9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJChAdIICQiI4YAQEAEYHYAKAcgLAbgTiCfYEwyIFATQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzU5MDg1MzkyNDcyMzA3MRi3y3c&sigh=eFDgHnbhRmQ&uach_m=[UACH]&template_id=5000
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022202072236000/ Frame D3CB 220 KB
60 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c141103b57e547274799df03069c30320e8cb3ec4facad8e6fe7f658f985fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61570
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55d07b8fd23efb21"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022202072236000/v0/ Frame D3CB 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022202072236000/v0/ Frame D3CB 96 KB
29 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022202072236000/v0/ Frame D3CB 5 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022202072236000/v0/ Frame D3CB 42 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D3CB 8 KB
888 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 02:34:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 03:35:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 03:35:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3CB 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3CB 295 B
319 B 19ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 63758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D3CB 0
0 17ms
17ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9coDy3sTiW9fESdwNnVf--BfhItB3-q5muzAqz1dt_dLaRH1Rcbob17158LEsCBVQEbvAhmzwZdymdEojBF021l3Qzw
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D3CB 0
0 23ms
22ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMCF-jh8LYsyONouR9u8PwrmAqA_44qasaNeC2-bvD9zZHhABIMv4kX5glYKAgLAHoAGKl_yIA8gBAakCNG07vEOokD7gAgCoAwHIAwqqBJsDT9Cso7oJlDg9j7axlxtceyWu3-rGvFH_UQ-EolJUwadgJzAhTX-WjcbO9z5cuiHz2S8KiZBsaHEt6L3s-J0c5GGN-B1_TPPOEyQFMGCHIjPqdJG7J5xpKlhuK0LiNPxdc6vao8d4NQcM3BLeqNsxIcIbV8FrJlDtjVI1Rqo2FWYzENhNqvGROOjEGJ1dD2QDcWTB9LvjyVKhPKSFxg6SJKes5_L22z7DwWkOYa6Y0AUbm6McomOS-4ZDz9y1rzpUFGy58ipkDcqad5g_-ZzK7_284iSfF-KNGVPpa_qbsblHdasRg_-cRP9SDl_Kizo9XzZl9cWtPZpkmmY-YezGUeQfybmOLPgEukACICbVNHEn1CJuADDTTPHNslxBEHES15boCaDU8p6gpXWjUA6A22vngcrv6BW9PohSOkuoDvm7r-zygQi3aD6jb06FaY51_Nsz8G_M6jzs8aKS5BE8KI7kEIejpT0IC7tgS03RE06D7TNQiQM2eyF8K2wwGVCuIkd3IpqQ4K02wwesK2x7PgSG0URZcYJsB0NCwATLqsKi3gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH3uiDd6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIqDPtIICQiI4YAQEAEYHYAKAcgLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTkwODUzOTI0NzIzMDcxGLfLdw&sigh=YULoC8CTfHo&uach_m=[UACH]
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D3CB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6111e11deef7a500f2221fd3c2f7790b9f906c9ea483bbdd23bf83fafbeecabb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame D3CB 28 KB
28 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malaysianow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 00:52:22 GMT
x-content-type-options: nosniff
age: 355401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 00:52:22 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D3CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

29ms
28ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Feb 2022 03:35:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0689 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIpXZiJ5GWQoH2P_3EmOckrvFdnbQ769W0SV4UpN4G7CWca2ZyUJ3skmOTzlS9H-er4eLA_cB35889DBatFklem6FfEbYtg4v-u7UhLvywARI6vf4u-A&sai=AMfl-YTj3SzSDja9Bkvtmh6ltxOrLUES9d_5AWlHr3oAkP6yic5W23tNeQga9npSVC9OlGSLlI6kkKwK6A4vGQ4nlCsHEqMBsjH4vRZxO5YNqG8hKBGbCXSllz1a6YiStIdM&sig=Cg0ArKJSzA-vSeeC9q7-EAE&id=ampim&o=1195,295&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=56&tls=1057&g=100&h=100&tt=1057&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1499013526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 03:35:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 2F17 220 KB
60 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2F17 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2F17 96 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2F17 5 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2F17 42 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 17:46:30 GMT

GET
H3 200 14828492229214819266
tpc.googlesyndication.com/simgad/ Frame 2F17 46 KB
46 KB 19ms
18ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 19:39:43 GMT
x-content-type-options: nosniff
age: 201360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46612
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 19:39:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F17 2 KB
2 KB 25ms
25ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F17 295 B
319 B 26ms
25ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 63758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 09:53:05 GMT

GET
DATA 200
OK truncated
/ Frame 2F17 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71758c899fbb9e1a8db077d93fca34747de4bd76cf26eed968157785a9901fe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2F17 0
0 24ms
24ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwia1jx8LYv2uDJDH7_UPov23wAmg8qOFaN61-PaSD9zZHhABIMv4kX5glYKAgLAHoAGcr_uoAsgBAuACAKgDAcgDCKoElANP0CR41g5yP0fy-wwl-yICa6opk2UhWLOibRBGgCtYOLnQq13NWiYwFjw6kus4iNbgiICyW0Xl_YFt3rbuV3wusL5vtbs3Dnqk3O7n64_m38DQswQkFfFnhSxgNWfiI7QTKkS7-cfaoz1CkRsxlGcyrw3pL0XkUxx-d8RaGdgDEUnF7oecKpvdG4e6Q_A_hyDvZ7A0UnILrczsjAL39FdhCgLoVfR7s_aFREm9uCKAd-2b9yvKdp0Ypis6zaxUaG978WTs8i_bLVDL6WTfaxffBAhdzEGHHuxVQr6t7bIkp7jBzZNIGXNRMQF9KGXq7Utycw59hb3K1HLYEzBDRAq8Ok55FmkX4D_U-cWNLcfEjNcoSw4u51L3KXiF8PljTJPI6yE5aZAfGrz8--gC4jVIM6KrXzBAlS2jF5W5e-u8KDDbe3-YbJxJ3i0F5fvZX9n4lH1TC_894e0mkVw95EnTZe-F4P_KL5g7iosd1Tj9Oj9iAz4142Z-sak-KrF5yFoaI0i9tB7Ko1Pjo-pdrf0VhxEKn8AE5u73mukD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ8I0t0ggJCIjhgBAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTM1OTA4NTM5MjQ3MjMwNzEYt8t3&sigh=NPRBLPF0icQ&uach_m=[UACH]
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malaysianow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2F17
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.malaysianow.com
URL: https://www.malaysianow.com/news/2021/11/29/businessmans-bangsar-offices-raided-in-major-money-laundering-tax-evasion-probe/
Protocol: H3
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Feb 2022 03:35:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_berita_c Value: 0
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_opinion_c Value: 0
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_wacana_c Value: 0
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_otnow_c Value: 0
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_gallery_c Value: 0
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_video_c Value: 0
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_all_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_lead_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_berita_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_opinion_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_wacana_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_otnow_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_gallery_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_video_sub Value: false
www.malaysianow.com/	1970-01-25 02:32:38	Name: mnow_lead_c Value: 1
.malaysianow.com/	1970-01-20 18:26:08	Name: _ga Value: GA1.2.1163831766.1644896140
.malaysianow.com/	1970-01-20 00:56:22	Name: _gid Value: GA1.2.151651728.1644896140
.malaysianow.com/	1970-01-20 00:54:56	Name: _gat_gtag_UA_175322716_1 Value: 1
.doubleclick.net/	1970-01-20 10:16:32	Name: IDE Value: AHWqTUniaZfGGY27JKR86Jx-ERVEXGDhqb-sR8Fnqe3u-5aYWDeVzpzCnQrbM4Vr7qg
.casalemedia.com/	1970-01-20 09:40:32	Name: CMID Value: YgsfjBB3AU7B98BZnOHvZAAA
.casalemedia.com/	1970-01-20 03:04:32	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 03:04:32	Name: CMPRO Value: 1207
.casalemedia.com/	1970-01-20 00:56:22	Name: CMST Value: YgsfjGILH4wA
.casalemedia.com/	1970-01-20 09:40:32	Name: CMRUM3 Value: 2d620b1f8c2760CAESEFaFZ4HFEbakImxMovOjE68
.adnxs.com/	1970-01-20 03:04:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%umn1j'!]tbPl1M>e)ZlrFUfJ+tGXxoP[O4lpXn#V3_(-`9L!x=vFn:C4ao7YD5(#YkbpRzqF1`b`Pu=V[?
.adnxs.com/	1970-01-20 03:04:32	Name: uuid2 Value: 8316833522682605034
.redintelligence.net/	1970-01-20 03:04:32	Name: 8lcfmzhxc8d6_uid Value: d9ad496dc1c5e7cc
.doubleclick.net/	1970-01-20 00:54:59	Name: DSID Value: NO_DATA
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fieamvn0exrszhn11gkwcif2
pb.media01.eu/	1970-01-20 18:26:08	Name: DTU Value: 44D16008017C66A1395B91D11DBB1C67
.malaysianow.com/	1970-01-20 10:16:32	Name: __gads Value: ID=ae89b46bdcd21e18-22c3c40641cd006a:T=1644896140:S=ALNI_MbKw_74WSh8zJn2GgwwfkLxldOEVg

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/022202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
adservice.google.com
adservice.google.de
cdn.ampproject.org
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fde5a89a996c118b5c41c37fb87fb153.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90001.redintelligence.net
ib.adnxs.com
media.malaysianow.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pv.medialead.de
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.malaysianow.com
142.250.185.162
144.76.104.53
145.239.193.130
172.217.18.98
185.33.220.216
2.21.141.232
2606:4700:10::6816:212
2606:4700::6810:5f41
2a00:1450:4001:800::200a
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:400c:c06::9a
46.4.10.49
54.76.176.197
88.198.250.30
00ae4ea16ee63624a7e05769653a6d2b6157328dd88db881127f651fbbc4cdd9
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f5f9b65a3ff7723227a49ac548c75ff0e828cf8af10cdcb2013668614947cb8
0fff9ad0c7475bc21194cef8745ed73b1deb929c412e60510763a2ce7c47e4b0
114c84d26d37dc6859199d2c04cdcfdddf1d723c73e3bc36211caecfba352b8a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137c2c9208370792c9acb91d495d77e62ec53ffeced33de23110e742b81d5c04
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd
26ccbc68cfd388f01b58c871e6598790f8d50cb15f1a2bdafd6b10f89ed67439
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e0cecf156c6025f1884bb058819ffad1ece045cc556768551e1ecd1f1c0ccab
2fac200a450c549e6b210575871c833dd36d572c9786f18f58bd1ee4afc39e35
312b07f5f961b4444ae4fe543aad3a174511d18d38b0cca99136f90261189e0c
32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
3e77c2815174dd045c6fbb51b0b11bba37d4ef73d43d02f3480138096ad9c8bc
40c3b592316e78b5555174382ecf5c0e3d35194fe903b49456bb17be3c642a57
4175ed355dbfae2989e7d4c73bcc80be5cd4073367c8a2c8385d1ffaf6ea5cde
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
430eb07dfa4aa941ac583048830d1ef450b9fccf2111bb751e057668a5d375e5
43910ccaf2394239b9ee9bfd8f2cd748d2ab585e170970521ca589ebe9ad8642
4a81d8ce9b6db9419adbc3fe17cd972edd93ecf42d27745de4b5f8b893504cf9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cff8af8e6ef9e8bc8cbfab9552ae2cfdf35170ddcf2f4be9ce18e6da29270ab
4d05bf9988fd0a6f13f729125be669d13334bff8add33b07256a23560b339096
4e653ab21aad7046caa14b05f1e7882f32d649b12f4015537db80ae370881ee0
4ea5f36ff6be97f36ef9bf9b5854cf7a27354bc342f5bdf5a291579f743c2c6d
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ac903cf375e85f77ade37ce4b7681564e93d4825dcab75b58317665134a539a
6111e11deef7a500f2221fd3c2f7790b9f906c9ea483bbdd23bf83fafbeecabb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c37d37a5a490c8cf97394f6d349add532d05321bb097a8836e1a00890093ad7
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
71758c899fbb9e1a8db077d93fca34747de4bd76cf26eed968157785a9901fe8
718c81b4e19e36f6028563dd94bcec3e400680d19e439a22687c753eab9ea84e
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7342ed6a60a9a451683816936b701c0081da7df69e3de965b957fda84f7dd29c
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7cfdef7cd1a0fab390d940b7b61ea3afc340838418bb94d460fe451d654331ac
7f35fcccc4ed146643e90823d919bd70569dfb9ab8058573ed74063cedb8d5a6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82d0b41df1c9a1918fcbdd76952bbf7020a833a496578bbb1e5926aa69473063
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8ea234be37abb1b803a59de89393fa78be54e35744ec7880017b6d41b39e15e0
8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
90bc33a203c8a5e4c734e5ad5f816945b7ca0ab341f3d18788a09275346f535e
91855b507681266c83e1671a60d2ca397c16682eeeff613ec51e59ab8526b5ac
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
941a8838a800adaf292e44a67962c9ab7094a0b6c7a70c264daef0ca36e5ba3d
9b3f4a140e60708e55c7f6afbe1ba517f9e39cdf2bc0969a6c319b70f904c0ba
9f35ab78eff2bc7606c848119a87bf1c25d903d15b9af755d8a7ceb322f23d95
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fc1430cd75c53c33175084b982a96bf011411382359e98c9c327f7c229acae
a2fd36321c9cf7e4ac0275269a7ba52f6c2683a307da09b94a4bac026ede3919
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad6a1901c9b10af1f6fc584663c580ee927b947a1c48f596a6d554b460ce38be
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b09298879c552326691dee50f55de36b7b7d8904c48f44252cc0706ef49cde97
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b307fcf0455d2a42f60960f8644ef2ce1f5cbc010fa05ea22fcbab1334760fd4
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdb208020bdc53ba06118c097b4f8aac85ed990f71dabc9aa67a565c8bb66b18
c976213f54869765675619d355c73a787b39ba24d51bc8b44a34663150edf544
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd12873ac9f51066962f44adfaff78de100d40e48364d0269dd46e0dfe852fc3
d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d57c5fe6ed06f7bcc17fda1afc2a15dfe2959e696e9049764b00098a20633a16
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df1325dc2b48fea85fffd3aaa71e2d5724a52f374b37d82dd03c410d81f61042
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5be11609d62e8250a3ee4a6910054c1c24f42f53edd335ac39534b3801f1597
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
f94753653b2648769fbb0aeea4ccd0060de8cd7ce35c6e1c3acffde08f6f67d1
f9c141103b57e547274799df03069c30320e8cb3ec4facad8e6fe7f658f985fb
faaaef5cc552bedab501907ee4bf801c516a92eecfe9c1ec3aa2f6ff4f430406
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe5383efb3768b579a13f6e3f8dd2a17677746614367d24d1e033532dab6cd71

www.malaysianow.com Open in urlscan Pro 2606:4700:10::6816:212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

180 Requests

94 %HTTPS

64 %IPv6

19 Domains

29 Subdomains

25 IPs

6 Countries

2463 kBTransfer

7127 kBSize

31 Cookies

12 Outgoing links

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.malaysianow.com Open in urlscan Pro
2606:4700:10::6816:212 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

94 %
HTTPS

64 %
IPv6

19
Domains

29
Subdomains

25
IPs

6
Countries

2463 kB
Transfer

7127 kB
Size

31
Cookies

180 HTTP transactions
6 data transactions