urlscan.io logo urlscan.io
SecurityTrails logo

siakapkeli.my Open in urlscan Pro
2a06:98c1:3121::c  Public Scan

Go To Rescan Add Verdict Report
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Submission: On August 29 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 12 countries across 73 domains to perform 315 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is siakapkeli.my. The Cisco Umbrella rank of the primary domain is 665297.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time siakapkeli.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 205.185.216.42 20446 (STACKPATH...)
1 103.253.144.208 14061 (DIGITALOC...)
2 2a04:4e42:400... 54113 (FASTLY)
2 52.76.118.250 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a03:2880:f00... 32934 (FACEBOOK)
5 2a03:2880:f08... 32934 (FACEBOOK)
2 2.21.184.200 16625 (AKAMAI-AS)
1 2.18.79.142 20940 (AKAMAI-ASN1)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 23.106.127.48 59253 (LEASEWEB-...)
1 2a04:4e42:200... 54113 (FASTLY)
9 18.198.39.162 16509 (AMAZON-02)
1 3.65.55.62 16509 (AMAZON-02)
7 185.86.137.114 201081 (SMARTADSE...)
1 18.158.113.209 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
2 5 185.89.210.90 29990 (ASN-APPNEX)
5 54.72.151.170 16509 (AMAZON-02)
3 35.244.159.8 15169 (GOOGLE)
1 198.47.127.22 62713 (AS-PUBMATIC)
1 2602:803:c003... 26667 (RUBICONPR...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 12 104.18.19.126 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 54.200.17.135 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.17.94 16509 (AMAZON-02)
1 3.12.169.211 16509 (AMAZON-02)
1 52.222.236.18 16509 (AMAZON-02)
1 2 34.120.107.143 15169 (GOOGLE)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
2 8 2a00:1450:400... 15169 (GOOGLE)
1 52.214.46.176 16509 (AMAZON-02)
1 141.95.98.68 16276 (OVH)
3 178.250.2.146 44788 (ASN-CRITE...)
3 35.71.131.137 16509 (AMAZON-02)
1 185.80.36.212 27381 (CASALE-MEDIA)
1 142.250.186.66 15169 (GOOGLE)
2 4 104.18.18.126 13335 (CLOUDFLAR...)
2 3 169.50.137.182 36351 (SOFTLAYER)
2 14 142.250.184.194 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 3 37.157.3.28 198622 (ADFORM)
2 3 51.89.9.251 16276 (OVH)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 23.47.209.72 16625 (AKAMAI-AS)
1 185.170.60.202 27381 (CASALE-MEDIA)
1 2 52.46.155.104 16509 (AMAZON-02)
1 1 34.95.81.168 15169 (GOOGLE)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 52.54.46.88 14618 (AMAZON-AES)
1 1 52.204.37.210 14618 (AMAZON-AES)
3 23.47.209.6 16625 (AKAMAI-AS)
1 143.204.89.70 16509 (AMAZON-02)
3 66.155.71.25 13768 (COGECO-PEER1)
1 34.96.105.8 15169 (GOOGLE)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 2600:9000:206... 16509 (AMAZON-02)
2 185.89.210.46 29990 (ASN-APPNEX)
2 2 151.101.2.49 54113 (FASTLY)
1 2 3.126.56.137 16509 (AMAZON-02)
2 2 103.229.205.243 30419 (MEDIAMATH...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 52.222.214.49 16509 (AMAZON-02)
1 13.32.99.110 16509 (AMAZON-02)
1 130.211.115.4 396982 (GOOGLE-CL...)
1 13.248.245.213 ()
2 92.123.9.160 ()
1 104.17.120.107 ()
1 2.21.184.188 ()
1 1 37.157.6.242 ()
3 3 3.122.40.23 ()
1 198.47.127.19 ()
1 1 2a02:fa8:8806... ()
1 2606:4700::68... ()
1 35.244.174.68 ()
315 82
24    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
siakapkeli.my
5    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
19    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
sk-bucket.sgp1.cdn.digitaloceanspaces.com
1    103.253.144.208 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: sgp1.digitaloceanspaces.com
sk-bucket.sgp1.digitaloceanspaces.com
2    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
anymind360.com
2    52.76.118.250 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-118-250.ap-southeast-1.compute.amazonaws.com
xhr.invl.co
5    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
www.googletagservices.com
21    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
24    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
scontent.xx.fbcdn.net
5    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
scontent-ams2-1.xx.fbcdn.net
2    2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.18.79.142 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-142.deploy.static.akamaitechnologies.com
ced.sascdn.com
3    2606:4700:10::6816:30fd (United States)

ASN13335 (CLOUDFLARENET, US)
tag.adbro.me
cdn.adbro.me
2    23.106.127.48 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
adnetwork.adasiaholdings.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    18.198.39.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
d.vidoomy.com
a-prebid.vidoomy.com
a.vidoomy.com
1    3.65.55.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-55-62.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
1    18.158.113.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-113-209.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    54.72.151.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-151-170.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adasia-d.openx.net
google-bidout-d.openx.net
u.openx.net
1    198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
12    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
r.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
14    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
googleads.g.doubleclick.net
36    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    54.200.17.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-17-135.us-west-2.compute.amazonaws.com
id.sharedid.org
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    108.138.17.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-94.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    3.12.169.211 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-169-211.us-east-2.compute.amazonaws.com
prod.uidapi.com
1    52.222.236.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-18.fra56.r.cloudfront.net
cnt.trvdp.com
2    34.120.107.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.214.46.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-46-176.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    185.80.36.212 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a300.casalemedia.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
14    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    85.114.159.93 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
3    213.19.147.44 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com
sync.teads.tv
1    185.170.60.202 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a2171.casalemedia.com
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.95.81.168 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2a05:d018:d29:3601:ebd:fba0:5325:a4e6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.54.46.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-46-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.204.37.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-37-210.compute-1.amazonaws.com
sync.extend.tv
3    23.47.209.6 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-6.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    143.204.89.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-70.fra50.r.cloudfront.net
go.trvdp.com
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    2a05:d018:24:b002:d4fc:f527:7aed:872f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    2600:9000:206e:5600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    52.222.214.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-49.fra56.r.cloudfront.net
stg.truvidplayer.com
1    13.32.99.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-110.fra60.r.cloudfront.net
s.trvdp.com
1    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
1    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
2    92.123.9.160 (None, )

ASN- ()
eus.rubiconproject.com
1    104.17.120.107 (None, )

ASN- ()
biddr.brealtime.com
1    2.21.184.188 (None, )

ASN- ()
acdn.adnxs.com
1    37.157.6.242 (None, )

ASN- ()
cm.adform.net
3    3.122.40.23 (None, )

ASN- ()
x.bidswitch.net
1    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
1    2a02:fa8:8806:12::1370 (None, )

ASN- ()
casale-match.dotomi.com
1    2606:4700::6812:c4c (None, )

ASN- ()
cdn.indexww.com
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
Apex Domain
Subdomains		 Transfer
57 googlesyndication.com
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
509 KB
46 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
319 KB
29 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 631
scontent-ams2-1.xx.fbcdn.net — Cisco Umbrella Rank: 14436
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 344
351 KB
24 siakapkeli.my
siakapkeli.my — Cisco Umbrella Rank: 665297
264 KB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
a300.casalemedia.com — Cisco Umbrella Rank: 369003
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
r.casalemedia.com — Cisco Umbrella Rank: 778
a2171.casalemedia.com — Cisco Umbrella Rank: 593227
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
dsum.casalemedia.com
17 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
9 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 11367
a-prebid.vidoomy.com
a.vidoomy.com
2 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
9 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
secure.adnxs.com — Cisco Umbrella Rank: 463
acdn.adnxs.com
20 KB
7 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 13215
4 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
259 KB
6 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 3179
s.ad.smaato.net — Cisco Umbrella Rank: 740
2 KB
5 openx.net
adasia-d.openx.net — Cisco Umbrella Rank: 38917
oajs.openx.net — Cisco Umbrella Rank: 3064
google-bidout-d.openx.net — Cisco Umbrella Rank: 2947
u.openx.net
1011 B
5 gstatic.com
fonts.gstatic.com
106 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com
3 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 612
cm.adform.net
2 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493
image6.pubmatic.com
82 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
573 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
822 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
917 B
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 43967
go.trvdp.com — Cisco Umbrella Rank: 39926
s.trvdp.com — Cisco Umbrella Rank: 40648
138 KB
3 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com
token.rubiconproject.com Failed
pixel.rubiconproject.com Failed
13 KB
3 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 25828
cdn.adbro.me — Cisco Umbrella Rank: 28126
32 KB
3 google.nl
adservice.google.nl — Cisco Umbrella Rank: 14414
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 3094
20 KB
3 digitaloceanspaces.com
sk-bucket.sgp1.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 798184
sk-bucket.sgp1.digitaloceanspaces.com — Cisco Umbrella Rank: 989760
60 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
185 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 590
645 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1122
788 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
aax-eu.amazon-adsystem.com Failed
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1030
344 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
2 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1220
bcp.crwdcntrl.net — Cisco Umbrella Rank: 820
10 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1301
id5-sync.com — Cisco Umbrella Rank: 508
13 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
41 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com
646 B
2 adasiaholdings.com
adnetwork.adasiaholdings.com — Cisco Umbrella Rank: 59454
657 B
2 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1543
23 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
24 KB
2 invl.co
xhr.invl.co — Cisco Umbrella Rank: 115520
5 KB
2 anymind360.com
anymind360.com — Cisco Umbrella Rank: 17845
159 KB
1 rlcdn.com
id.rlcdn.com
1 dotomi.com
casale-match.dotomi.com
187 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 ad-score.com
data.ad-score.com — Cisco Umbrella Rank: 4531
722 B
1 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 36179
2 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 743
755 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 913
44 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
425 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13782
551 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2742
173 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1642
546 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
580 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 2596
269 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
573 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1558
583 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
648 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3344
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3504
904 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3290
8 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
251 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2636
158 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
1 KB
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10546
32 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
1 KB
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
315 73
Domain Requested by
36 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
24 siakapkeli.my siakapkeli.my
23 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
19 securepubads.g.doubleclick.net siakapkeli.my
securepubads.g.doubleclick.net
www.googletagservices.com
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
www.googletagservices.com
14 cm.g.doubleclick.net 2 redirects 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
r.casalemedia.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
siakapkeli.my
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
googleads.g.doubleclick.net
9 dsum-sec.casalemedia.com 1 redirects r.casalemedia.com
ssum-sec.casalemedia.com
8 www.google.com 2 redirects tpc.googlesyndication.com
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 prg-apac.smartadserver.com anymind360.com
6 www.googletagservices.com securepubads.g.doubleclick.net
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 prebid.ad.smaato.net anymind360.com
5 ib.adnxs.com 2 redirects anymind360.com
ssum-sec.casalemedia.com
acdn.adnxs.com
5 d.vidoomy.com anymind360.com
5 scontent-ams2-1.xx.fbcdn.net www.facebook.com
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com siakapkeli.my
tpc.googlesyndication.com
4 ssum-sec.casalemedia.com 2 redirects 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
js-sec.indexww.com
4 gum.criteo.com 2 redirects static.criteo.net
3 x.bidswitch.net 3 redirects
3 a-prebid.vidoomy.com
3 pixel-sync.sitescout.com 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
3 js-sec.indexww.com r.casalemedia.com
ssum-sec.casalemedia.com
anymind360.com
3 onetag-sys.com 2 redirects 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
3 c1.adform.net 2 redirects ssum-sec.casalemedia.com
3 um.simpli.fi 2 redirects ssum-sec.casalemedia.com
3 match.adsrvr.org ads.pubmatic.com
r.casalemedia.com
3 mug.criteo.com
3 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.nl securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 www.googletagmanager.com siakapkeli.my
www.googletagmanager.com
2 eus.rubiconproject.com anymind360.com
eus.rubiconproject.com
2 sync.mathtag.com 2 redirects
2 ups.analytics.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 2 redirects
2 secure.adnxs.com ssum-sec.casalemedia.com
2 sync.tidaltv.com 2 redirects
2 s.amazon-adsystem.com 1 redirects r.casalemedia.com
2 sync.teads.tv 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 oajs.openx.net 1 redirects
2 static.criteo.net securepubads.g.doubleclick.net
anymind360.com
2 adnetwork.adasiaholdings.com ced.sascdn.com
2 tag.adbro.me 1 redirects siakapkeli.my
2 ads.pubmatic.com anymind360.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 secure.gravatar.com siakapkeli.my
2 www.facebook.com siakapkeli.my
static.xx.fbcdn.net
2 xhr.invl.co siakapkeli.my
2 anymind360.com siakapkeli.my
anymind360.com
2 sk-bucket.sgp1.cdn.digitaloceanspaces.com siakapkeli.my
1 id.rlcdn.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 a.vidoomy.com
1 cm.adform.net 1 redirects
1 acdn.adnxs.com anymind360.com
1 biddr.brealtime.com anymind360.com
1 u.openx.net anymind360.com
1 eb2.3lift.com anymind360.com
1 data.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 stg.truvidplayer.com go.trvdp.com
1 p.rfihub.com 1 redirects
1 match.deepintent.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
1 go.trvdp.com cnt.trvdp.com
1 sync.extend.tv 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pr-bh.ybp.yahoo.com r.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 a2171.casalemedia.com 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 r.casalemedia.com 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 a300.casalemedia.com 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 htlb.casalemedia.com anymind360.com
1 bidder.criteo.com anymind360.com
1 fastlane.rubiconproject.com anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 adasia-d.openx.net anymind360.com
1 prebid.media.net anymind360.com
1 hb.emxdgt.com anymind360.com
1 tlx.3lift.com anymind360.com
1 cdn.jsdelivr.net anymind360.com
1 cdn.adbro.me siakapkeli.my
1 ced.sascdn.com siakapkeli.my
1 scontent.xx.fbcdn.net www.facebook.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 sk-bucket.sgp1.digitaloceanspaces.com siakapkeli.my
1 cdnjs.cloudflare.com siakapkeli.my
0 aax-eu.amazon-adsystem.com Failed
0 pixel.rubiconproject.com Failed
0 token.rubiconproject.com Failed
0 b1sync.zemanta.com Failed ssum-sec.casalemedia.com
0 beacon.lynx.cognitivlabs.com Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
315 114

This site contains links to these domains. Also see Links.

Domain
en.siakapkeli.my
www.youtube.com
maharsuri.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.sgp1.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-15 -
2023-05-02		 a year crt.sh
*.sgp1.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-23 -
2022-12-16		 a year crt.sh
anymind360.com
R3		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.invl.co
Amazon		 2022-05-01 -
2023-05-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-09-05		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.google.nl
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.adasiaholdings.com
Go Daddy Secure Certificate Authority - G2		 2022-05-15 -
2023-05-13		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
smaato.net
Sectigo ECC Organization Validation Secure Server CA		 2020-07-28 -
2022-10-04		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.trvdp.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.truvidplayer.com
Amazon		 2022-02-07 -
2023-03-07		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh

This page contains 34 frames:

Primary Page: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Frame ID: 66C38DAFDC2C3BB18D50F03A886794DA
Requests: 119 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Frame ID: E76BFF1AD991328B80F4719B987C5E18
Requests: 32 HTTP requests in this frame

Frame: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DB81F3A4378697BDF0ADBFFD202639FA
Requests: 1 HTTP requests in this frame

Frame: https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661760000
Frame ID: 2456D1F3610B876D8D68EFFD2EE7B89A
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssej5AxYZ4jDCmMSv82pkysmxCCyC6PbznRvlUp36gZ-5rkKh6S4Y22FtW4dh8LI_S39zBVsJG9yn795bCSrnm0u0DPF18sLI_J2a82MWIFJlEMC0udleu7TiPCS_c8TFI8FYPjOftpz5a5yQrdoaZkbzc_AGNgKocITVFG1j8bsqIwMReDp4tyhIulWeDdldFvgwsDB4CmOC-jy1hPCyTghGe5-QUeKW1pbkFi3LOiqHDCqowNgx7wfZ6mVmhQTQEyjEkKi7mCaurLZBeDbJ92ebS4NkdH8g5G-LDSGJqCHaTpcRJ36ZzDx9xDvNjwTeKOVpL1c0WS6Uq_YEpMmt97scmWygcstPM&sai=AMfl-YQ1psjoJrJZnxEYThqPO15RXub7UUuuhWgGnLR-Js7IV7M8zdeC3wokWao-cHnyPvdGXky0tiVfq660nWt0WbKgNcBGAZr2DmChTdM3FXOOI3NS4iQc5U940PzLnA&sig=Cg0ArKJSzOo8TmLmqTHGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AB2396F799195002305FD8C7B98036A4
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=siakapkeli.my
Frame ID: CA4EA55E4B2E54491015C076EAC45A6D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A004C71FBE5ABD5138AF9C4C8A6B8A1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 921E349210F6A84139F54E233C4BA3FE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5FR-sj8BkyobeTi4uS7jaR7STwL6EYnUX5Vysmu7XY4XNLhm1zQQrbGX2MSRsnz12tlxS6EnI9a5i0UNPj42ldCo1hr9bzqy7SrQSOiZVCvvQ7r6cc7eh6ZYsVaBIbaYbOpzj0g5zV_aa9P1Jjpd_WlMxnUd0k7_bPBrf2rIJkFjEo18XWHspnnJzeExw5VakdJD2Cm5NBpHWDHA7FO_9wyTEfsh4ed-uMudjoWjOmjQh1prqw2QczEjtCB5NKPMDv_SqcX8i6LhxouP3qa7zb8OvSnEHnaJC4e7nOR3S9bcmQoYRDdzB2tQOXuvc7BJ1O4GCfncByWMsdhceI6iIMVbEFLs6C-EJl4La6MdyGwQnJDP7IQx23lV-kZwXyB-gzhSKsWgDRvGXJgAgndQ2pzaYKucDeQ-M&sai=AMfl-YRZpO0w-Kn3y7sE7sDUrmTT4xRZdQ5PVg-gJG8-x-Bu5XC5fFpC5OmkXg6aJVfm6RaCNMlKRSEXDsNs-q6gMdYpCb8ya8AdDl8bjyHCgo6URTC1Lq7pj8kDo4qlKA&sig=Cg0ArKJSzIcWSabg5ki1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9BF77160A72FC1EC124B8FCEDEC902A0
Requests: 13 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2587C3088D1E24F07AB20E3973C53F4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 9BC8DF6F73405F569BC6E030DE447793
Requests: 1 HTTP requests in this frame

Frame: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C96D6D211AF1AF479855E68F8107A0F
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Frame ID: 3B4C0C6D0FC3BE526439C7E9FD848661
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6998313219273257&output=html&h=200&slotname=8351444450&adk=3785225855&adf=3173046725&pi=t.ma~as.8351444450&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661772739952&bpp=4&bdt=264&idt=237&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&correlator=7390313933281&frm=23&ife=4&pv=2&ga_vid=612483709.1661772736&ga_sid=1661772740&ga_hid=1425923184&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=606&biw=1600&bih=1200&isw=300&ish=250&ifk=3063820861&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44768832%2C31069108%2C31060049%2C31068919&oid=2&pvsid=1679003771417929&tmod=1408806778&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.knbiga7xtipi&fsb=1&dtd=251
Frame ID: 35771068BE64F9E95D961079D936CC62
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: A201A8C5C185D82B4FEBF69F06831C70
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA98F06825A7B50DBE981967C7182DF2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Frame ID: 9D86E6F82A901747B6237B8E15895FBD
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A19024AC6842A586033542FBA911B5D0
Requests: 2 HTTP requests in this frame

Frame: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC9346F4AFE68B535480BA6E05FBABC8
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Frame ID: E26B996BD4F99EE836DA7F0660F96981
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5949C1048237FB6D14439464B7FE72BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F2FCE97D909D6C904E0A399C7D3FA0C
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Frame ID: 8D55FD995C10B2F82838E7BEDF6E0C57
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28FC6AFBFDB8F64A7A3059B090815C63
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Frame ID: 050580E49A8180E93863927820CB76B1
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 429290E29C93B33588491806F6E688AE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: F27BC182CAF2C5D1E6C70C69D105FE58
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1CE530A632A6D7DC079DA663198BC8AB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6C70B11D90AEC111E3EC6D0E85D6CA23
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 086FC02EAC603BD5213627E80D5652B5
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8C6C32C4D7FF4C8DF55AC64B5F9543FD
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: C0609DF51EBBEF6BA347FA242BDDCC41
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F25EA1D7794B54182B3D27990C883DD7
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 00417030E647B8E04BE7F005062D02A0
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Saya Tolak Sumbangan Jika Tahu Sumbernya Daripada Aktiviti Haram - Ahmad Zahid

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

315
Requests

88 %
HTTPS

33 %
IPv6

73
Domains

114
Subdomains

82
IPs

12
Countries

2731 kB
Transfer

7536 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://tag.adbro.me/tags/ptag.js HTTP 302
  • https://cdn.adbro.me/ptag.js
Request Chain 140
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&rid=esp&cc=1
Request Chain 148
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=siakapkeli.my&sn=ChromeSyncframe&so=0&topUrl=siakapkeli.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=j_PXBHxsMHdCazI1OWZWVGhJUEV0aW1vUGtTRlBibVJnS3BGL0cydjFNemxEcllvTUo4NnFIQWpma0V0ZitKUDVUa3RZWmZqVXg0cHp5QXBYNWtIS25SNDZaWmY4czZLTXczclEzeTJPQU9PZU5iQS94b0Q2SWN0b20wVTBkNlpOZlZUZm4vRFd1aURkWC9lRWRzTTJZam1vV3Z3VmxaSlpQZnVONXllcXNhYjdRUjhRcndvNHRPbTEzOURnMVNkbFhCd0t4bWZvSi9kN21HUk9sWENNUVdwKzZGUWp0SXpXYmRpdHVqSDBPa20vUnJKYnlHNVF0dlZITDJIclA4cjJQb1ZZY3JzSSttM0t6TVpWQlhUNWZsOGpqZz09fA&cppv=2
Request Chain 176
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
  • https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Request Chain 179
  • https://um.simpli.fi/gp_match?google_gid=CAESEKrUO-xSjE3u0lepWd9AWKU&google_cver=1&google_push=AehlK4C2iKvvjmlsW7ABYD6caZDGXEIJ7mN76Lm1R_ncCEatGTWQ4VGHrSSqORrPQygzYR5Zld6g2jhJ5Fh6ENLkYIql-xTJ55Mr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=90062ED350C34CFABC78B9CE39542BB5&google_push=AehlK4C2iKvvjmlsW7ABYD6caZDGXEIJ7mN76Lm1R_ncCEatGTWQ4VGHrSSqORrPQygzYR5Zld6g2jhJ5Fh6ENLkYIql-xTJ55Mr
Request Chain 180
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK9MiziXfjMgYmPFuR12NT4&google_cver=1&google_push=AehlK4BceGVCO-SfvscZDA2CtoTa1zPgTFCVg51lMjF5yubsUW92bVnNGO9Ik3K4oWKx6uUB75Cde5l-YDK0ANcUu66Mw2Cspg8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNzI1OTU3MTY5NDUzMjc1Ng%3D%3D&google_push=AehlK4BceGVCO-SfvscZDA2CtoTa1zPgTFCVg51lMjF5yubsUW92bVnNGO9Ik3K4oWKx6uUB75Cde5l-YDK0ANcUu66Mw2Cspg8
Request Chain 181
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKdAS4kiFDZMqmaBr_XRXZ4&google_cver=1&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AKSjjj1S9BsIxXTHqc9m6jxTUw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKdAS4kiFDZMqmaBr_XRXZ4&google_cver=1&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AKSjjj1S9BsIxXTHqc9m6jxTUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQyMTQ5MzU1OTMzNzIzNTE0NQ&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AKSjjj1S9BsIxXTHqc9m6jxTUw
Request Chain 182
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBWGEFj873hnsDoiQYzJcHc&google_cver=1&google_push=AehlK4BfQo75VQ37h0smNeDhF39V4ZiUV9nVS2IOFxoUYV3TlDFnyG7Zc3ZmLPTEBernDOAMSOw8TfVhhmuywzxiUutjkcTdGBU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfQo75VQ37h0smNeDhF39V4ZiUV9nVS2IOFxoUYV3TlDFnyG7Zc3ZmLPTEBernDOAMSOw8TfVhhmuywzxiUutjkcTdGBU
Request Chain 183
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB_g-YIXuh2a1RE-ZMDfKS4&google_cver=1&google_push=AehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661772740351 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0a0fb0d3-b846-4f35-bc07-8edc7578332e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo%26google_hm%3DAwoPsNO4Rk81vAeO3HV4My4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo&google_hm=AwoPsNO4Rk81vAeO3HV4My4
Request Chain 184
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBWGEFj873hnsDoiQYzJcHc&google_cver=1&google_push=AehlK4DRtllJyGfx6nSuCgrUJtRKY-9mjy2cIgwT7roUVL0lBlB7igwfT2Ad1sxqZ9_ZGaIVn85KCKqHB6-a3xrFU74JjmClOMkO_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DRtllJyGfx6nSuCgrUJtRKY-9mjy2cIgwT7roUVL0lBlB7igwfT2Ad1sxqZ9_ZGaIVn85KCKqHB6-a3xrFU74JjmClOMkO_A HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 204
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 223
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&dcc=t
Request Chain 226
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwyjxHvekt9.CuDihv-SaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK44Re4aZB3e-AWdxQqJrsc&google_cver=1&gdpr=1&google_hm=2
Request Chain 227
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=59ab621e-4d93-4fec-94b6-ecdb6acf403c
Request Chain 229
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Jeuf3sguSql9mVOrMc7Dqx_MlpM
Request Chain 230
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d09230dc-6937-41ca-babf-0f0d6bba4b91
Request Chain 241
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOIUSaVxCeZWcMWmK5eFdlY&google_cver=1&google_push=AehlK4A29P_qmVmJk3PY1Q68myGkAxcSxbgP70rivDnGI5-wa15fBmaQkDlNYfDWz0-gYJDdVIOYK1ynrWJhIE3egyUyfl-SPSg HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOIUSaVxCeZWcMWmK5eFdlY&google_cver=1&google_push=AehlK4A29P_qmVmJk3PY1Q68myGkAxcSxbgP70rivDnGI5-wa15fBmaQkDlNYfDWz0-gYJDdVIOYK1ynrWJhIE3egyUyfl-SPSg&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=kQOP05nBTBmO0Pfh5l-tQQ&gdpr=1&gdpr_consent=
Request Chain 242
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBTYtfGuLkxh7__hRjNNzWM&google_cver=1&google_push=AehlK4DruCeXi2C8ShUKVNIxXu1Ud3pN2X-53b-ckBr33sKAaPhCQKY-GE47-tlj8gmELtJZp8QJyVL3m78K3i7fCbctFmfDeUI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oltKKsigTEyWip36jnzJgQ2&google_push=AehlK4DruCeXi2C8ShUKVNIxXu1Ud3pN2X-53b-ckBr33sKAaPhCQKY-GE47-tlj8gmELtJZp8QJyVL3m78K3i7fCbctFmfDeUI
Request Chain 243
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMgsueWREo4nqYiRQvWnO2w&google_cver=1&google_push=AehlK4C61s9XicAn_yfZkU3R1oNt9JUX9Qipxz-y-QogQaRGbicWFkbWTL5UY57VDYFMAQ5gXVq1Km4K6NModQGPFsZnRCK6HR8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsueWREo4nqYiRQvWnO2w&google_hm=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&google_nid=index&google_push=AehlK4C61s9XicAn_yfZkU3R1oNt9JUX9Qipxz-y-QogQaRGbicWFkbWTL5UY57VDYFMAQ5gXVq1Km4K6NModQGPFsZnRCK6HR8
Request Chain 244
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDJOnQ7-sRBcoQZEosOSYKk&google_cver=1&google_push=AehlK4BgQD6fqKlfo1jNdDgwPKZcibZ9YmUBL_mdmSWFqtMsMPIjyuWHrEbyne2kfaTmCkyynwYKBpYlViJXwj1AmJ9t2Xi5VKU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4BgQD6fqKlfo1jNdDgwPKZcibZ9YmUBL_mdmSWFqtMsMPIjyuWHrEbyne2kfaTmCkyynwYKBpYlViJXwj1AmJ9t2Xi5VKU
Request Chain 249
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YwyjxQADPum7lABN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwyjxQADPum7lABN&gdpr=1&_test=YwyjxQADPum7lABN
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f09630c-a3c5-4000-bcee-f2b38edcbf7c&gdpr=1&gdpr_consent=
Request Chain 252
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3710702394994080249
Request Chain 254
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322937487899
Request Chain 255
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 278
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 286
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsiakapkeli.my%2F&domain=siakapkeli.my&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=fOG-73w2ckhpb1RBR2xyMCtiT1FodWdWZlB6ZUFlRXdkblNKQTE4d1hDbzhFNngzK2llU21RQTJVRkFHVXVRcmc4RE1KeXZHcitvelRDMVh6MUtPZkUzM3AxS05nOGEvUVhTRjdZTUlyWER1ZkpIbXcvYXlkNXFWY2hBbisxUVJDNklRY0J4OU1LVmVhakFlckFRTDZ6czN4TmRCcFQvb0ZILzNHUnNqTHNoQVd2OXVvYS9XbW9VbkJ1Mms4UUZPUkQwYXY3V0pzdjFOZ2lNUTQ3dFEvTVR2OFJrVyt5VU9Lc2d3cFY2N0xVeXliTnFpS2Jpd2lobFprT3AxYStodkw2OWw3NXE3eFdGYk5rZkF2ZGVLVDlkOWwrQT09fA&cppv=2
Request Chain 295
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=7421493559337235145
Request Chain 297
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3946383378954944572
Request Chain 298
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Df1d7de81-b823-4757-9d45-c83dbc65cf4c&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=1f09630c-a3c5-4000-bcee-f2b38edcbf7c&expires=30&ssp=vidoomy&bsw_param=f1d7de81-b823-4757-9d45-c83dbc65cf4c&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f1d7de81-b823-4757-9d45-c83dbc65cf4c
Request Chain 299
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-L1mYMMlE2uGME.JlkjWZV3TyjKvTC9LK8HRYcHA-~A&gdpr=0&gdpr_consent=
Request Chain 304
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661859145&gdpr=1
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOxKaQWJ7S_QQik-CVdrpNg&google_cver=1
Request Chain 321
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

315 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/ 		116 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1dbd128d2dbea474c6e9b5a16846cdecee00cfd8327c4f557ca0769e9656f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-cache-status
DYNAMIC
cf-ray
7424f70e3937b722-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 29 Aug 2022 11:32:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://siakapkeli.my/wp-json/>; rel="https://api.w.org/" <https://siakapkeli.my/wp-json/wp/v2/posts/481831>; rel="alternate"; type="application/json" <https://siakapkeli.my/?p=481831>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTYLFgw25qEKpAfZpssBP0eUnP21jJug54Ht3ZD4ojNqcxM9QZ%2BGe5eStBEjuL0q8J5zY%2FHDBPKwlQG04BR20fWyi95cO5P3PnFb45TcEgsL02EW9TM%2BskqNnaJTWdD7uYfhhdwHUdJx8OOQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish (Varnish/5.2)
x-cache
HIT
x-cache-hits
1
x-ua-compatible
IE=edge,chrome=1
x-varnish
36321055 36520599
style.min.css
siakapkeli.my/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
113
x-cache
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
458829
last-modified
Tue, 16 Aug 2022 01:50:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Fgd4U%2F2HY3fnaAuCJPJ8lOitGnwb7U%2BuIAj6BWlRbXRdFk2fp%2BtXGqio5NJPYA89QzWRn2QV6ayST1uxyarTuTA9wmbP%2BZzmz2L0ZlUTdVqJoBu4I%2BmmZ6gdzW8niBnfh1C6%2BMW8VzgAuFJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f7100c61b722-AMS
simple-line-icons.css
siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css?ver=1.3.1
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb5f37e49e5bb129115dc56bf737c89b3a27770107d3c24abe60b2cec84460e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132
cf-polished
origSize=11557
cf-ray
7424f7100c62b722-AMS
x-cache
HIT
last-modified
Fri, 17 Jul 2020 12:10:03 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GFEQ7KONtrgeICxHzwltSWlxYMnk%2FPo84t%2BH5GCsPf9qQDmiDBxwujywBn7%2FXTAQ7IXvYjMt7QownGWPYQgvPrt%2FLRiMKLbcuqU2eAWYANhAZPNI1BVe%2B7tRRXZNeUueKk8IOPA%2Bm%2FyCfgk"}],"group":"cf-nel","max_age":604800}
x-varnish
120330436 120362139
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type
text/css
x-cache-hits
1
style.css
siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/style.css?ver=1.3.1
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee6a829478761f158d239ceb4dd636ae4e703dc1970057c71628549d1de6d14

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132
cf-polished
origSize=15381
cf-ray
7424f7100c64b722-AMS
x-cache
HIT
last-modified
Fri, 17 Jul 2020 12:10:03 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGdT21mfwL%2BM%2B9GcI%2BS8kbK0OXVX8OJlbxPoL6%2F01uxdGPzWEyy6zFOcqOVle5GcABnsuF96sNh7n56KnqADPUmCXuqXWDCUxF0xYnVT0%2B%2Bu0Cbqyi7kbJ47LNd7S%2BZBVaSdcM4dSQcGFXoC"}],"group":"cf-nel","max_age":604800}
x-varnish
128151915 139321891
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type
text/css
x-cache-hits
1
style.css
siakapkeli.my/wp-content/plugins/search-filter/ 		411 B
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/plugins/search-filter/style.css?ver=1
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d261205cf1f286a5d6255461ac2332f0c24327323aa37cbabc04886411b2f9d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126
cf-polished
origSize=577
cf-ray
7424f7100c66b722-AMS
x-cache
HIT
last-modified
Thu, 10 Mar 2022 08:05:08 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIjX%2FWw5KyRj17C%2F1p5HhNpfzjWXzEeSgZJbpegbI3pLTsNp5ReIMe1rk4H%2FlYClhrJ50SIbsZlgU5bEBjFkLKu9%2BHFPFHlvxBmWgJj8HBMsTb3e86ubWv2dFvO1sIvlrwRqK8y7vV0m6dfQ"}],"group":"cf-nel","max_age":604800}
x-varnish
76136480 90262564
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type
text/css
x-cache-hits
1
widget-options.css
siakapkeli.my/wp-content/plugins/widget-options/assets/css/ 		1 KB
587 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
cf-polished
origSize=1046
cf-ray
7424f7100c68b722-AMS
x-cache
HIT
last-modified
Fri, 18 Feb 2022 06:03:15 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE3WvKUXXFB2WgfPUvHTWbCLg5f%2BT%2Bmg7lboGePPAt0xuc94KVGg73WLfYgCVopPR0kdj8avRm8CmkqJ4BTex1jaUMqjuwbElafbCx9Nj3wMcLR9QknOFcavjLOnLZ1WHVHp4e1SyMVqmsBU"}],"group":"cf-nel","max_age":604800}
x-varnish
114000330 113191892
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type
text/css
x-cache-hits
1
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b115cccf8f40a47e153fbd79f4cb18488f4cc952ccb40881f120e5f21dd39a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 11:00:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 11:32:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 11:32:16 GMT
min.css
siakapkeli.my/wp-content/themes/gridlove/assets/css/ 		172 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/themes/gridlove/assets/css/min.css?ver=1.6
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d02b2816156c0b65f812c399f986ff60c44d1de45efc634ed460e1cffb538315

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
cf-ray
7424f7100c6bb722-AMS
x-cache
HIT
last-modified
Fri, 17 Jul 2020 12:10:04 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY4VEUNRAeGQ1DGev4fuzew9xHBf159Bv1JMYLBVJhSFQ6Nt1FpZVHuqQ357ZmxMbgHWHu9%2BXH7AOYnotiZhxSS0OsQtIWyg0OG1u0tturTiKeS86knmX4QTyTbmTgua8j%2BVVJqmilNVsGz6"}],"group":"cf-nel","max_age":604800}
x-varnish
113939474 112079511
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type
text/css
x-cache-hits
1
style.css
siakapkeli.my/wp-content/themes/gridlove-child/ 		0
526 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/themes/gridlove-child/style.css?ver=1.6
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44
cf-polished
origSize=227
cf-ray
7424f7100c6db722-AMS
x-cache
HIT
last-modified
Fri, 17 Jul 2020 12:10:04 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tYXeAqIrX3p2dzyrPSKWON%2Fn1frwP91Iq9L%2BoKlyg0H8JIhMIhuBUI%2BzNw%2FaYfquBns3UL8JJUnb7BO9AG4WjT8BIdkGcrfxH8R%2Fjo8C7%2Bs3mIs0jyhj8MPgyoMTOedBpHKWTrVqHG%2BlRgd"}],"group":"cf-nel","max_age":604800}
x-varnish
149488875 135239756
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
accept-ranges
bytes
content-type
text/css
x-cache-hits
1
default.min.css
siakapkeli.my/wp-content/plugins/tablepress/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/plugins/tablepress/css/default.min.css?ver=1.11
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96
x-cache
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
148266103 147014778
last-modified
Fri, 17 Jul 2020 12:10:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNvAQdEgj79vrmK1z0LiNBYP7tsDx9JTATCIsFCU9OO4wmQS9hS60noL0Nym6gsor8LTAuboIZ6y48%2F0c8kvaYAZHXyzciH7%2F8CsHu%2BI%2FGe5AT3F9zsL0n%2BffZdMu4w1iB34o1SbQ%2F4Qe1eB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f7100c6fb722-AMS
x-cache-hits
1
jquery.min.js
siakapkeli.my/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
UPDATING
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187
x-cache
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
147518464 147518407
last-modified
Fri, 18 Feb 2022 05:52:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8xffahwCp4LPjSG%2Fu3rLNBeKeLIOy%2F%2FtslqgKioNuoXoxsmAYkKir5PrMs2ssO2kHdLL%2FJVb%2BchUpReMIHu354XXb7QR%2BFpdJ2LzQyJUT0FIjLHbdCoIyPux75o%2FljuWlqov1JzvPoU53%2FG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f7100c71b722-AMS
x-cache-hits
1
jquery-migrate.min.js
siakapkeli.my/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95
x-cache
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
149488869 128490581
last-modified
Fri, 18 Feb 2022 05:52:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioPUto0Ky2lrYRMg8SLOPGhz4j8KHzffgoIdtda4NwoLrRxUso01n7ZEGPN0HxZe3WFcFkYZvqKIUyNRzYhl1vTkHTXBD5aZd7fjz08WB%2B1onlt9nJCT0pKoIZLSvr6sNKIFyTTyDsrLuFN1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f7100c72b722-AMS
x-cache-hits
1
main.js
siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/js/ 		2 KB
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1.3.1
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea339c0379bdf6d66bbcd1f7671373468be82cbae34169aaebda9503ae8ad0f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
cf-polished
origSize=3529
cf-ray
7424f7102c96b722-AMS
x-cache
HIT
last-modified
Fri, 17 Jul 2020 12:10:03 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Sqv8bWjUsbo745aKATpzjrYF4gYbiJo7mB9xv3N2yfTvD%2F%2BdA8lAWX1dEPToVmYstvNv9cMHZgrfOQlJcbyLuXdNch8kbWLFEXJd17NeKse61G%2BiLeii5HlK3Susc0BTpHNNd3BbKRNvMpO"}],"group":"cf-nel","max_age":604800}
x-varnish
478716192 482222558
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type
application/javascript
x-cache-hits
1
jquery.shave.min.js
cdnjs.cloudflare.com/ajax/libs/shave/2.5.2/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/shave/2.5.2/jquery.shave.min.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96809c7445a71d16a77253355bf0849dd747766305640346feda972c466aa93
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
405061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
615
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fce-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ik6NU3n%2BWsO0xJEUWhei5i4ja7ZFmiYrhjuizje0ppiySovf6%2BDi218zjrhbM%2BSb%2BDzSEVivrAQ8z6BxjAnqt5%2Fn2WWy%2BAf%2FYPB7fXvm4fh1La7nofU837LfZdTBsUDVQrvGVkOjPoE%2BHupudTzB1Q6c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7424f7105b8ab7c7-AMS
expires
Sat, 19 Aug 2023 11:32:16 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-62716246-1
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1517f6fa9990ebfbfb0adf264264c31f14f6cf44ad1dcfcfcfce805c42adbc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42046
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Aug 2022 11:32:16 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XYKC64V3NY
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
170b6d52592297bdada87342ee813aba025c271da5c10de96e0d37512f306370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73478
x-xss-protection
0
expires
Mon, 29 Aug 2022 11:32:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac59cc65518803816232b13dec7a4b7ca3be9c37264b6f06f3d4af132dc4670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1317 / 873 of 1000 / last-modified: 1661771224"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 29 Aug 2022 11:32:16 GMT
Siakap_Keli_Logo_for_default_use-1.png
sk-bucket.sgp1.cdn.digitaloceanspaces.com/2018/04/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sk-bucket.sgp1.cdn.digitaloceanspaces.com/2018/04/Siakap_Keli_Logo_for_default_use-1.png
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d4b9284a97b56b07179f8876dcb58a12d6d381d67ec0c8eceb650af78d3328a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
last-modified
Thu, 20 Sep 2018 16:53:58 GMT
age
96
etag
"5a3adb77fa3f5004f0d1214dd18753d5"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1661772736.dop018.am5.t,1661772736.cds247.am5.hn,1661772736.cds270.am5.pr
content-type
image/png
cache-control
max-age=60
x-rgw-object-type
Normal
content-length
18821
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
x-amz-request-id
tx000000000000003be1dd3-00630ca360-2a7c422b-sgp1a
x-amz-meta-mtime
1524643678.49038216
580b57fcd9996e24bc43c545.png
sk-bucket.sgp1.digitaloceanspaces.com/2021/08/03154506/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sk-bucket.sgp1.digitaloceanspaces.com/2021/08/03154506/580b57fcd9996e24bc43c545.png
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
sgp1.digitaloceanspaces.com
Software
/
Resource Hash
1c5508fec8820bbbe6cbcb8a88149a25ce5a80fbfaf362810b7850fa9c3cc3ad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:31:50 GMT
last-modified
Tue, 03 Aug 2021 07:45:06 GMT
age
25
etag
"86e7bcc50d597bb4105d879626cc30ca"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/png
cache-control
max-age=31536000
x-rgw-object-type
Normal
content-length
7858
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
x-amz-request-id
tx000000000000003be4f4d-00630ca3a6-2a7c315a-sgp1a
expires
Wed, 03 Aug 2022 07:45:06 GMT
css2
fonts.googleapis.com/ 		2 KB
449 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Volkhov:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9cb18ea76b5dbd40e8824323035c63266c389b046c785dfc12451c1043699f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 11:32:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 11:32:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 11:32:16 GMT
css2
fonts.googleapis.com/ 		16 KB
811 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,562;0,600;0,700;1,400;1,500;1,562;1,600;1,700&display=swap
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d54849bd13f04e00c62235d9814a7cc4ba3fa644c1b1fc60af868a7f87c8dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 11:32:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 11:32:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 11:32:16 GMT
tolak-sumbangan-jika-tahu-sumber-haram-zahid-hamidi-740x385.jpeg
sk-bucket.sgp1.cdn.digitaloceanspaces.com/2022/08/29185713/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sk-bucket.sgp1.cdn.digitaloceanspaces.com/2022/08/29185713/tolak-sumbangan-jika-tahu-sumber-haram-zahid-hamidi-740x385.jpeg
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f019c9125d6524165823a3f6e41921900a3fbb2d83789d661586f4e156b39a8e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
last-modified
Mon, 29 Aug 2022 10:57:16 GMT
x-amz-request-id
tx000000000000010a0ae77-00630ca18b-2a7a2727-sgp1a
etag
"ac1b95b2d42ef90f74cb3bd8da0bac82"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1661772736.dop018.am5.t,1661772736.cds247.am5.hn,1661772736.cds321.am5.c
content-type
image/jpeg
cache-control
max-age=31536000
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
content-length
33317
ats.js
anymind360.com/js/2939/ 		154 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/2939/ats.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4150b55cfb32c46c189135772c9ac2e76f120eb9346168c16e94a0ad165cda1d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
gzip
age
69157
x-guploader-uploadid
ADPycdvI0-EBqIZKZdgqEPQddq_zI50i179EYxzxpT1xma7Ok1P7Pbyujr6Hmv_ndwienOxazHFg031GWiiH-hGr56tMWw
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
34955
x-served-by
cache-tyo11967-TYO, cache-maa10225-MAA
access-control-allow-origin
*
expires
Sun, 28 Aug 2022 16:19:40 GMT
last-modified
Sun, 28 Aug 2022 16:19:40 GMT
server
UploadServer
x-timer
S1661772737.841438,VS0,VE1
etag
"e269f98d26ffe70eb0ee4c8dbd3b0629"
vary
Accept-Encoding
x-goog-hash
crc32c=6GKs5g==, md5=4mn5jSb/5w6w7kyNvTsGKQ==
x-goog-generation
1661703580116613
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
34955
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
8, 1
top-10-tracker.min.js
siakapkeli.my/wp-content/plugins/top-10/includes/js/ 		286 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js?ver=1.0
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
135
x-cache
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
86811092 113613800
last-modified
Fri, 18 Feb 2022 06:02:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGBEOC3AVOTNnBTTwjbyPDxlY9rFBvJPmn%2BF6C9IEmsbI1o6nf3IKxxNeShbTjeWr1NyEJCXtv0uZgd%2BuZwj6EHkWuLQIe3HXfujP3R7cUEmexiJ0J81jBZ2RymI%2Fdjo6SouKaRhlDPvxEPi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f710dfa8b92d-AMS
x-cache-hits
1
imagesloaded.min.js
siakapkeli.my/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
135
x-cache
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
90639389 113613815
last-modified
Fri, 18 Feb 2022 05:52:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWHYXyXOV%2BNjo2TXTnFwgZkP5GpZRPQBWbHqMyksi2jfJgxjDDWTYGFceQTWGsiPe0Fo3%2BrNakqtC7%2BkTQxS6q9acqboYk4Z8LEihDqY8FyFuwD1N4vLWLjkYaa4wqOrSojs%2BiksyEE9XAtB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f710dfadb92d-AMS
x-cache-hits
1
masonry.min.js
siakapkeli.my/wp-includes/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
135
x-cache
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
114526714 111454035
last-modified
Fri, 18 Feb 2022 05:52:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lp9do8%2FR0SJ4U9JxvbW5x%2Bm%2FhByC1RYA5mH64m8BiN7HkFEa1QXuXQT%2BA5SuIYGEJGroKD56V9g6EZYneu%2BXbTxvfFqRgtSxKPeU2%2Fip%2BrV2Y9FLafeKfg%2FA%2FUIGenKpi%2B8JLFvK7Peq11LN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f710dfb0b92d-AMS
x-cache-hits
1
jquery.masonry.min.js
siakapkeli.my/wp-includes/js/jquery/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28
x-cache
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
111454104 114526591
last-modified
Fri, 17 Jul 2020 12:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDcJ8sM5%2Fwp1aNk355XlUcPnWc3gY%2FEzPKAoXmzorNSETaGZ2zxMx13VeoZW9wTKtIHH39NqVPid00VGhCp1FRkPIhGt4RBhaxGEKLtT4P%2FaPFysiRj%2BPROLGE2hGKrka0KiLdK3o8GqBfSP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f710dfb4b92d-AMS
x-cache-hits
1
min.js
siakapkeli.my/wp-content/themes/gridlove/assets/js/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/themes/gridlove/assets/js/min.js?ver=1.6
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1a6d4bb65840edc7b4f73e3375396bcb77da51f4993295ae2000ddecfc60d4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
135
cf-polished
origSize=93544
cf-ray
7424f710dfb7b92d-AMS
x-cache
HIT
last-modified
Fri, 17 Jul 2020 12:10:04 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maCjHog6Lw4SS9hxioz0svOvBF%2FDRZdxJfQw%2BFoAopUWGUbXeyT5ewQrbE%2BkEeS5CE9LmhO3Ufop97dP4ESIUJv9ubpZCcrsaKSmxGuU%2FZ53BaE5lZ8fVM%2BrF3ks6E9uPrU%2FohqKswqDyaZZ"}],"group":"cf-nel","max_age":604800}
x-varnish
99289230 112079496
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type
application/javascript
x-cache-hits
1
auto.js
xhr.invl.co/magic/40814/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhr.invl.co/magic/40814/auto.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.118.250 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-118-250.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e55617270594cd6380118c8c85d2bb4af1db5a7cbe998a7cb6bf9dd9059b9d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
max-age=300, public
vary
Accept-Encoding
x-content-type-options
nosniff
wp-emoji-release.min.js
siakapkeli.my/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43
x-cache
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
1476723
last-modified
Tue, 16 Aug 2022 01:50:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKjy%2FvtLTVZ1rKBSqiI3j%2F7XFEsRAs%2FpN4n6dAAHjCa8yaPzgTVeP3tFONTuMVGVjgh6kGv%2FWxq9pruqp2TF%2FDDEJ5hLO%2B%2B9WxfpWEkLTBqHUWz4C7BL6Yt86wSEH1%2Ba5PtACAfVo63j3uHb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray
7424f710dfbbb92d-AMS
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://siakapkeli.my
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 02:58:31 GMT
x-content-type-options
nosniff
age
203625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26100
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:41:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 02:58:31 GMT
fontawesome-webfont.woff2
siakapkeli.my/wp-content/themes/gridlove/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-content/themes/gridlove/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/wp-content/themes/gridlove/assets/css/min.css?ver=1.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://siakapkeli.my/wp-content/themes/gridlove/assets/css/min.css?ver=1.6
Origin
https://siakapkeli.my
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Fri, 17 Jul 2020 12:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7T9cW3zHVVPLV4wjQF%2BozfBCa4PtLw2jpnJn7pjQQfNfRmibZz0iA87UFKzHNjY%2FX%2FDmK%2BoFhq0UJAZhXqjjiWxDJRliXq0hw7XGn7IISdyA07IDU13NRn7V5xgRmSlfelvhUDsrVwC31LI"}],"group":"cf-nel","max_age":604800}
x-varnish
89189038 107187068
cache-control
public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
accept-ranges
bytes
cf-ray
7424f710dfc1b92d-AMS
x-cache-hits
1
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://siakapkeli.my
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:07:14 GMT
x-content-type-options
nosniff
age
498302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 17:07:14 GMT
post.php
www.facebook.com/plugins/ Frame E76B 		73 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1b104d385dba883c61ff7c11eca00ac154430c42f2d62c98de1567b57d2d98e6
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 11:32:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
IvlxzKZzSppb06uy6YvnacjTndpbmt3erQCOcV6QNYDI8XgBoYlv7YbAxov2Jz+je3OZQYc45bH5mUbZ3r+niA==
x-fb-rlafr
0
x-xss-protection
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://siakapkeli.my
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:07:14 GMT
x-content-type-options
nosniff
age
498302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 17:07:14 GMT
6100bc32a9a555bf28e5886a0c28175f
secure.gravatar.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/6100bc32a9a555bf28e5886a0c28175f?s=24&d=mm&r=g
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2a35e0b9b2bb26f81bb61b409639bf7ec48ffa4e203f015a820157fb25b318

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT ams 3
date
Mon, 29 Aug 2022 11:32:16 GMT
last-modified
Thu, 18 Feb 2021 18:45:18 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="6100bc32a9a555bf28e5886a0c28175f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/6100bc32a9a555bf28e5886a0c28175f?s=24&d=mm&r=g>; rel="canonical"
content-length
1541
expires
Mon, 29 Aug 2022 11:37:16 GMT
6100bc32a9a555bf28e5886a0c28175f
secure.gravatar.com/avatar/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/6100bc32a9a555bf28e5886a0c28175f?s=100&d=mm&r=g
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f0dfa59d2d5b22de466062abeb088f91bd19db3d070ccf8d7549da7e05749e78

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT ams 3
date
Mon, 29 Aug 2022 11:32:16 GMT
last-modified
Thu, 18 Feb 2021 18:45:18 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="6100bc32a9a555bf28e5886a0c28175f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/6100bc32a9a555bf28e5886a0c28175f?s=100&d=mm&r=g>; rel="canonical"
content-length
21108
expires
Mon, 29 Aug 2022 11:37:16 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62716246-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1579
date
Mon, 29 Aug 2022 11:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 29 Aug 2022 13:05:57 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XYKC64V3NY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62716246-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8141aa0e1fd2ea4751b1a809f41c2f544b37bcbbe156643aa031fbb76779e1a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73440
x-xss-protection
0
expires
Mon, 29 Aug 2022 11:32:16 GMT
pubads_impl_2022082401.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 09:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132170
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 08:40:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 29 Aug 2023 09:53:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		239 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=siakapkeli.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e03307e9c4699e6b0c40dea04b81b2fba77aa78eed2b33d314adfebd0c65ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
expires
Mon, 29 Aug 2022 11:32:16 GMT
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XYKC64V3NY&gtm=2oe8o0&_p=752422900&cid=612483709.1661772736&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661772736&sct=1&seg=0&dl=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&dt=Saya%20Tolak%20Sumbangan%20Jika%20Tahu%20Sumbernya%20Daripada%20Aktiviti%20Haram%20-%20Ahmad%20Zahid&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYKC64V3NY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=752422900&t=pageview&_s=1&dl=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&ul=en-us&de=UTF-8&dt=Saya%20Tolak%20Sumbangan%20Jika%20Tahu%20Sumbernya%20Daripada%20Aktiviti%20Haram%20-%20Ahmad%20Zahid&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1590891333&gjid=2085705956&cid=612483709.1661772736&tid=UA-62716246-1&_gid=1581468169.1661772736&_r=1&gtm=2ou8o0&z=1978072400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=siakapkeli.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=siakapkeli.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=2703358926159831&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_mb_all_interstitial2_&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2168921348&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661772736514&lmt=1661772736&dlt=1661772735981&idt=506&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c086afdc97ea39653c629050f03b1d3c9fe6713ed42e0cea3b91e8a0a73c736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
720
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB81 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:16 GMT
expires
Tue, 29 Aug 2023 11:32:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022082401.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022082401.js?cb=31069154
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
624026baa34887bce2caf6feb629fb5472a4ccdab7fe3e6d9bda4fcaf5a47a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 11:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13584
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 08:40:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Aug 2023 11:14:46 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62716246-1&cid=612483709.1661772736&jid=1590891333&gjid=2085705956&_gid=1581468169.1661772736&_u=YADAAUAAAAAAAC~&z=1025187903
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 29 Aug 2022 11:32:16 GMT
content-type
text/plain
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
PU4XElb3dEc.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame E76B 		1 KB
742 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b45b9497d3293b6ba6b18bdb7222f1981cb5b75fe75a09adc80154f03218440b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4OeDKMfTlSe1DSO+l+whzQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
265
x-fb-rlafr
0
x-fb-debug
esXjeywpWbadvm8mr1xk6qb6trqgzhfICcLxfCxRn3M85gmZGiGPCptLapSm+8QH+YTHKQpSmAC3fJR8SraSmA==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Aug 2023 23:53:28 GMT
FZvi4_0o0uO.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame E76B 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/FZvi4_0o0uO.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
899e3013266131f77f2ae98f1ee2caa78eeffd29d29d7d9466d29109b6007ff1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pe1N5f8lvLMAGpj2ROIzCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4759
x-fb-rlafr
0
x-fb-debug
vD9qrTIHrT9N88ahE1p/zZBHW544lGA0KDA57Ghem+c313i3Mun1xLTRco7shiwoPpOngrs0zAPvcOhIdakFtg==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661702184652
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 28 Aug 2023 15:56:24 GMT
sKP2DIMbfWZ.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ Frame E76B 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/sKP2DIMbfWZ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2ce3e0151c7d493420f17d3c06fd94839d414d655838e34c605ff993c4d3cfd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tPL6RA25qn3cXIlkN2oWkA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5056
x-fb-rlafr
0
x-fb-debug
rT4Qn1RTpJ9BOi5hMIZJahygA6EWAvnYESdjo2DwMlwEEsb9mlVVZl4R86p5A10Q5HMOFBL6GXIwSXWV7m5vkA==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661702140499
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 28 Aug 2023 15:55:40 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame E76B 		2 KB
1020 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
kpWko0YZCtHE/uUp8vCZjgI5jB1j9jh4tZXMmo85fm37NzGoR74C3ziCIzK8VF8PPpxo9EhW1w4wbSVrC3fRNA==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 16 Aug 2023 21:59:12 GMT
truncated
/ Frame E76B 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
cR2vth5Ltnv.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame E76B 		321 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/cR2vth5Ltnv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a05bd5b7e6899c60dc8439d383c40d3676cee3182a64719396fddafb5a22cb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zw5dzttgXekpJZazVhsQBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88510
x-fb-rlafr
0
x-fb-debug
lX7xuQpGMSlqve7lbZ5FIQ8YsVPciZE4hkzOdwgHEtBd9JXlrhXu4QepF8IpeE2o36Xy+qSqjKIaIwLdrpYBCQ==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661560972654
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 27 Aug 2023 00:42:52 GMT
mXu1RunczE9.js
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame E76B 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4ab65ab82cc6ddedba1303167ee5ff1907b453b65efe73c4bd55e8ea896aea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YFnykI/HivNtifNyMREW7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12179
x-fb-rlafr
0
x-fb-debug
/7dmTK/rXryuulkp1j4v2soHWmohDAnkEwq08HkUQEI1CIjwwd5tjRJWVBlB2r5GMKqmi1fbUE47QjZK5Qet6A==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 16 Aug 2023 03:12:15 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame E76B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
CxBNl6nQQyRLHrR+Uf4rlIR17XISItPHQExZBe+NV15qS/caEIQQc66QB8w+aquO6WSzUDau0ROOL/s4/2Q+vw==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Aug 2023 07:02:45 GMT
Q803oB3qh7E.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame E76B 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/Q803oB3qh7E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
202fd856715c95ea9c24a50ea4596400d512462a291d097ccb9655b4c7e51097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UUepECbrCkEUEhitYuLnKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5331
x-fb-rlafr
0
x-fb-debug
R0biXbdpFUSjtLmDXFL7IxloOv++h5mNwPnBPon5kNiktneaeBd9G1niVkJ0IxeYmzy39lXhEw80OzzjZVlTow==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661289245382
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 23 Aug 2023 21:14:05 GMT
aNjKFj6YixL.js
static.xx.fbcdn.net/rsrc.php/v3ioBv4/yp/l/nl_NL/ Frame E76B 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioBv4/yp/l/nl_NL/aNjKFj6YixL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a8bbb47122a9c68f5b98358df4fb5523544174184af43b057c688ceedf16d38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ua8oP83CJxJmsjf9cnFksg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8362
x-fb-rlafr
0
x-fb-debug
IO1+LHi3wPKtzW9OK5xQY2LzfjWj0LisWkng06QtRIf6hCOyXsG/hZydIzOSFfZYgfv/AqlQD3ezVs3GrQHwDw==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661289584614
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 23 Aug 2023 21:19:44 GMT
ifJqquhieUG.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame E76B 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ifJqquhieUG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85d00a0674f1d793ab72cffa9f5cd6563037f1ce8c9034a6893d11f98b34e329
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7RCV/D2aTIriTbh0upg7mw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
9049
x-fb-rlafr
0
x-fb-debug
OS8uK7u7w/wffHrug8dv+yD8vRKEXG7HjwyWTP0BQ3N38+QH9fF+CckgHVylDY671O31KNJsSkMIk0i3+4rSDQ==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 19 Aug 2023 18:19:38 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame E76B 		588 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dvWT6EJnf3PNCgYjKHSyww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
338
x-fb-rlafr
0
x-fb-debug
FT029xzThmLD5qbRsMCn/2Jl0aEApuxH4gXcWgxS5/+EA2tw0BP5thw+a7s+LnKRmk0fSaGMeZne8joPkevWgw==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 16 Aug 2023 23:49:21 GMT
HTPCWBdXyzD.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame E76B 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/HTPCWBdXyzD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9188cd7d4776caa997d40ef5a74abf4908e84d55de744605a3b57e248b3d0117
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sROikPL8JRhmbC/1+yrH7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15826
x-fb-rlafr
0
x-fb-debug
MhE8ZDcc0Ht/LiQ+37nodz8F1gC1Aird1UdAeWSZ6aU01aCR49BzVGAvptYlVtderW2GC4zYiiZoIdQRym+FEA==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 16 Aug 2023 05:54:45 GMT
goajNvdCFcB.js
static.xx.fbcdn.net/rsrc.php/v3iOXY4/yz/l/nl_NL/ Frame E76B 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iOXY4/yz/l/nl_NL/goajNvdCFcB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db5c23bd3cbf5abddb3b4252e3777d9d38eb7cbcef8749da98e0a0a9040120d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vNlMns2oUNUBFQwnh5RSIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7930
x-fb-rlafr
0
x-fb-debug
6q7BmCM/8gPmk7vOfi1NMuCJU8vCMnJVyp6nlRz8lqDDxkiB+l6BAy1rYEl/yKCXcB8PWl1DBRIUTDLXzL7riQ==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661292115270
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 23 Aug 2023 22:01:55 GMT
vHZyEidsmJa.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame E76B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/vHZyEidsmJa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c272c6ddd4f70ef6328798da8aaf081a33636682bf89e555bbbd9251e15ddbd4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
paQVkNpN+s8BoMhEWrfosQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5394
x-fb-rlafr
0
x-fb-debug
017zfxQgZSfCVLTPR3Zuuh16tJyZl8Go3B2zPsTEqz1KhmRpzQ07K1t7U8T3/iUe1uzthNCo6hrkQn+NOgQwKw==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1660693836187
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 16 Aug 2023 23:50:36 GMT
oRoYJ5VcosS.js
static.xx.fbcdn.net/rsrc.php/v3i2tE4/yV/l/nl_NL/ Frame E76B 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2tE4/yV/l/nl_NL/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bdce95953cb206deb3f32cbf2ef8148488d546fc0d17546d765b1ca70ec6e444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4CGS8SqC/Swg30Fh1R9ncA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23346
x-fb-rlafr
0
x-fb-debug
QMZ8OLfDu6NK3xj86LmlBeM/P+W4nXdtvul1DJbZ7pl1NjdNZTfSayUoYQYOy7yTuqbIWcpULWOZ2xYut34mSg==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661469205188
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 25 Aug 2023 23:13:25 GMT
N_MW1kRCyhn.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame E76B 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/N_MW1kRCyhn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c78ca1838bdf90ab875f3e92e545069a827fd41f2301e00b570d033f86b1ced
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5COVGhBzwdDYTXoC80J88A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16587
x-fb-rlafr
0
x-fb-debug
tvRFnKBcHVmPqKDhX+A/CVJgJVALiIiA5sTVLUluqel9ltK3P3ioS87VKefwNaLjChhF2bGWKKTvsPCay9inpg==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 17 Aug 2023 19:18:05 GMT
J5ccfZ0xB_G.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame E76B 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/J5ccfZ0xB_G.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd064d34f0dcc0443cc49b5f5ce493154c57a3b3b402935bbbe2d75c9599d7d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
k/ZKmOw7RvmEqGASg3CT2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5749
x-fb-rlafr
0
x-fb-debug
qIwOypy8ZX0BtuAkIFLInDbVT484Y+OvS0KRQ0fS/TBLGL6R8mJtrMKA8ml6+b2rEc8xxG41e4tOHTz266ybBQ==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661702178390
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 28 Aug 2023 15:56:18 GMT
fv01GgFyHvv.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame E76B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/fv01GgFyHvv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f976f171923cc1ae4aad0617193dfca0addd7f4211cee228a0fe2738c120e097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kOCQv5lL0QyFww6qJAJxfw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1208
x-fb-rlafr
0
x-fb-debug
mbCznC6MRB+XnY/QXzJKFbTW8qKObFzpflHwdL5Q55bCk8Hlq/o8fKCtoy5zkSuqmOd3viodSNxPXpd3028OgQ==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Aug 2023 01:02:44 GMT
udGrGZmnkeP.js
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame E76B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/udGrGZmnkeP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72c0a71edbb9542e13bd1b95045d742d7acee3ce8f78aa51399f61cee7e492fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9/1BV1sP73df0/E1dlv9rg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7224
x-fb-rlafr
0
x-fb-debug
yvrSnT9ITtL0gkVNGi1Q1iqeS1hYndgfeAltpJZpecotRD98DkIKc+qlTvaY6RCe6Z3RC2nB67jF9VPxV9ah3A==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Aug 2023 05:58:20 GMT
11540882_130971333900678_9187159850448648958_n.jpg
scontent-ams2-1.xx.fbcdn.net/v/t1.18169-1/ Frame E76B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams2-1.xx.fbcdn.net/v/t1.18169-1/11540882_130971333900678_9187159850448648958_n.jpg?stp=c0.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=U5Wd7gmC0uQAX-KkIBq&_nc_ht=scontent-ams2-1.xx&edm=AN6CN6oEAAAA&oh=00_AT9QI3SWag4mAB-ZjBfEDsLAY08Qqg2X-ZHjiWbl9WX5uA&oe=6331C334
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
67f773b8165c40ef5268fc3fb8dafcde7d476050dab58d46e288da44c917a69c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum
1335067522
date
Mon, 29 Aug 2022 11:32:17 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
x-content-cdn-origin-ts
1661285851852
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3335254544
cache-control
max-age=1209600, no-transform
last-modified
Mon, 22 Jun 2015 10:33:30 GMT
cross-origin-resource-policy
cross-origin
x-needle-checksum
1541096985
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2066
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame E76B 		522 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
x-content-type-options
nosniff
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
522
x-fb-rlafr
0
x-fb-debug
TQhLVZ+tnaLf7wpOQKHzoVNfnqx24U8LQ0wrcjj88xGb1RUQHaexGVH2dMK/cEvimXg9YqtHeLsqPG6OgvBwuA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Aug 2023 05:41:01 GMT
300010389_2183800085284449_7106875098571700525_n.jpg
scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/ Frame E76B 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/300010389_2183800085284449_7106875098571700525_n.jpg?stp=dst-jpg_p235x350&_nc_cat=1&ccb=1-7&_nc_sid=8024bb&_nc_ohc=NCVo4gQoBr8AX9PrIUO&_nc_ht=scontent-ams2-1.xx&edm=AN6CN6oEAAAA&oh=00_AT90el4gIEa2lCsoBZpJ_f2uADzgnFeF88B2ItjreM3ESg&oe=6310B42E
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
145a4e4c52c420d17fbe52a2bb7112e297a92b36129c27e75817343dea28fd22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum
2977338691
date
Mon, 29 Aug 2022 11:32:17 GMT
content-digest
adler32=3442669234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
35524
x-fb-trip-id
1679558926
last-modified
Wed, 24 Aug 2022 10:28:07 GMT
cache-control
max-age=1209600, no-transform
x-content-cdn-origin-ts
1661342493679
content-type
image/jpeg
access-control-allow-origin
*
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
x-needle-checksum
53991193
accept-ranges
bytes
timing-allow-origin
*
301172914_2183800331951091_1200291723504172444_n.jpg
scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/ Frame E76B 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/301172914_2183800331951091_1200291723504172444_n.jpg?stp=dst-jpg_p235x165&_nc_cat=1&ccb=1-7&_nc_sid=8024bb&_nc_ohc=zNaHpzFs7UsAX8-6dqc&_nc_ht=scontent-ams2-1.xx&edm=AN6CN6oEAAAA&oh=00_AT_DMfLrxE9rMSQkal84fpOZIDsAKOG5-LCzD6CO_E_HWg&oe=6311A826
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f6e4532edf56676eef680bc8e099667bbb926c4bfca1a57e8318b8f83fc58837

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum
3810368548
date
Mon, 29 Aug 2022 11:32:17 GMT
content-digest
adler32=1346520020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12604
x-fb-trip-id
1679558926
last-modified
Wed, 24 Aug 2022 10:28:40 GMT
cache-control
max-age=1209600, no-transform
x-content-cdn-origin-ts
1661342493652
content-type
image/jpeg
access-control-allow-origin
*
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
x-needle-checksum
3612751678
accept-ranges
bytes
timing-allow-origin
*
301252149_2183800785284379_2627750533656889204_n.jpg
scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/ Frame E76B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/301252149_2183800785284379_2627750533656889204_n.jpg?stp=dst-jpg_p235x165&_nc_cat=1&ccb=1-7&_nc_sid=8024bb&_nc_ohc=5pgI2A4gZXEAX8Me6m6&_nc_ht=scontent-ams2-1.xx&edm=AN6CN6oEAAAA&oh=00_AT_GBrNFuaU1RBYP9vCL38zgXjbYaAnWtJj_vgm59E2a-Q&oe=6311BE11
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b4600adad31dc74c34a23d15f3deb3e35a40e0588e354289c01b4429865e222d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum
3541726491
date
Mon, 29 Aug 2022 11:32:17 GMT
content-digest
adler32=316842482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
11846
x-fb-trip-id
1679558926
last-modified
Wed, 24 Aug 2022 10:29:31 GMT
cache-control
max-age=1209600, no-transform
x-content-cdn-origin-ts
1661342493658
content-type
image/jpeg
access-control-allow-origin
*
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
x-needle-checksum
1183798673
accept-ranges
bytes
timing-allow-origin
*
300472906_2183800575284400_6125203833553886544_n.jpg
scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/ Frame E76B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams2-1.xx.fbcdn.net/v/t39.30808-6/300472906_2183800575284400_6125203833553886544_n.jpg?stp=dst-jpg_p235x165&_nc_cat=1&ccb=1-7&_nc_sid=8024bb&_nc_ohc=cnFQ885XNLcAX8r-uy8&_nc_ht=scontent-ams2-1.xx&edm=AN6CN6oEAAAA&oh=00_AT9up_AkZN9hKsHkps84JcoDYwctMe3UxhWHseGNI1mXLw&oe=63128E81
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4d15ff27116f81096ffb8c4d0ee96805cf9fad3c4837847ea7f64ad96dad610

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum
1504465350
date
Mon, 29 Aug 2022 11:32:17 GMT
content-digest
adler32=4022390276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
13403
x-fb-trip-id
1679558926
last-modified
Wed, 24 Aug 2022 10:29:07 GMT
cache-control
max-age=1209600, no-transform
x-content-cdn-origin-ts
1661336948759
content-type
image/jpeg
access-control-allow-origin
*
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
x-needle-checksum
3462159287
accept-ranges
bytes
timing-allow-origin
*
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame E76B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2023
x-fb-rlafr
0
x-fb-debug
HHh7Fvkmbc6sZRNvdzZqv9K8kmwlNaoZTTYeft7KrEyKHDF3Goy4zULr+91iqZW1YXtljNT1Ji5duTWoFnfX9w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Aug 2023 06:12:08 GMT
9dn8UIjMf-X.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame E76B 		153 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/9dn8UIjMf-X.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/cR2vth5Ltnv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81683dd6e9edf61c6606f28fb7b7261b7b88ea30e286d0a132f63c5ff42a2678
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iKIO3ujsN50udmYyvgqEUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
46006
x-fb-rlafr
0
x-fb-debug
4ECxloO8B+QP+OiR8D/AlyCKCAUhljrdD0bDBOmZet4VsyE8EVtTL53W3koiIycVeaOoZUZEasdPexoU2NUdXQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-content-cdn-origin-ts
1661491686336
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 26 Aug 2023 05:28:06 GMT
MDNj1eUK5bV.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame E76B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/cR2vth5Ltnv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de196fa938446c7486bcecc14b72919df6f78871a4af22c4f168a2785a0139ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+krRjR/Db6iONoDCDh0aYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10426
x-fb-rlafr
0
x-fb-debug
FdHt1n2yg0SJtpZgPYuO0AqojHK8THP7RJ9++I6a67GFbMqNktlMxuzmQC7TdSxTLnJysni1BCgpP15t7InF+Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 16 Aug 2023 23:57:33 GMT
1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ Frame E76B 		79 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
x-fb-trip-id
720026100
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/png
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
79
expires
Mon, 29 Aug 2022 11:32:17 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158497/5998/ 		245 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158497/5998/pwt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 07:28:04 GMT
server
Apache
etag
"17a1e90-3d366-5d092665b0914"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=157147
accept-ranges
bytes
content-type
text/javascript
content-length
77259
expires
Wed, 31 Aug 2022 07:11:24 GMT
smart.js
ced.sascdn.com/tag/2060/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/2060/smart.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36d774c1165ee2038184e44bb698ade39c2341b3ee13045e3fd3de74251ab274

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 11:32:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32425
Expires
Mon, 29 Aug 2022 11:47:17 GMT
ptag.js
cdn.adbro.me/
Redirect Chain
  • https://tag.adbro.me/tags/ptag.js
  • https://cdn.adbro.me/ptag.js
106 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adbro.me/ptag.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2927
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 14:06:04 GMT
server
cloudflare
etag
W/"06e3734f88ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-polished
origSize=137667
cf-ray
7424f7182e215c9e-FRA
cf-bgj
minify

Redirect headers

date
Mon, 29 Aug 2022 11:32:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://cdn.adbro.me/ptag.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7424f717ddb65c9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
n9c241vr.js
tag.adbro.me/configs/ 		1 KB
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/n9c241vr.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693942041877e7d0f600685b0b637fc744e8198bd33082d40b476637865fa216

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2366
cf-polished
origSize=1441
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Wed, 27 Jul 2022 13:49:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
d53d49b9-c01e-0057-07c3-b1d71b000000
cache-control
max-age=7200
x-ms-version
2009-09-19
cf-ray
7424f717ddb95c9e-FRA
cf-bgj
minify
visits
xhr.invl.co/ 		43 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhr.invl.co/visits?aff_id=40814&referrer=&href=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.118.250 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-118-250.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, private
x-content-type-options
nosniff
x-xss-protection
1; mode=block
invisible.js
siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 2456 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661760000
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ebc5583a657ee756977210741840b379049078684628025c6f98a677076fca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfU23uwesznBeYZEVPIUtUoLV2XAybaY5ShIg1fUYqcZZ6yK146zYSwT1xwTZVBoj9MOqwNguf5YVZlxTNugw1DJcf1NISxaPcR4FpFfQbR5MzOiyPads8ptdk%2F%2Bm%2FcsSdlSdof1ZyK6rS9w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7424f7176aa1b92d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
admin-ajax.php
siakapkeli.my/wp-admin/ 		1 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-admin/admin-ajax.php
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
via
1.1 varnish (Varnish/5.2)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
MISS
content-type
text/html; charset=UTF-8
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FuBlaM3QKMHCOtUaaLqiyDdWXWEuD7RfQTFLk0BOKOQE65woKxBUx%2BruUT%2B2%2FW%2F2Df8M1E2VMmRFEeAK7ho2dkZsyzj0Kra4ISoj86%2B0lwYV%2Bzv%2F7C%2BeUMz71hfnGnu7vm%2BtZJ5k0Igpeis"}],"group":"cf-nel","max_age":604800}
x-varnish
21711379
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7424f7176aaab92d-AMS
expires
Wed, 11 Jan 1984 05:00:00 GMT
pica.js
siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/ Frame 2456 		19 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27b69cbd90055b356bd4c1c4432339df600f81af082c649f37eac83629b82141

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h19ZK7ATUDrIHe5z%2FF0jdfM6PVhzVIM24hWYYGLmbKTKlA0LxEzbWjxLmg90oiNLkPE0%2BwIQQvbSew6655%2B6MnTA1T%2Bh0lmxe26YN8HyuPOZF%2BLMry7ZdjEyNqqp%2Fden%2BAG1hZ6bI4bR2l5e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7424f717ab10b92d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ac
adnetwork.adasiaholdings.com/ 		22 B
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/ac?nwid=2060&siteid=328584&pgid=1362790&fmtid=44269&async=1&visit=m&tmstp=4261840936&tag=sas_44269&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:18 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
adnetwork.adasiaholdings.com/ 		22 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/ac?nwid=2060&siteid=328584&pgid=1415197&fmtid=65749&async=1&visit=s&tmstp=4261840936&tag=sas_65749&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6cd169caaa5e5045647328ebe3c847acd6f40e0927c58a6a15c8baca72b4f8aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:18 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
7424f70e3937b722
siakapkeli.my/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 2456 		2 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/cv/result/7424f70e3937b722
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661760000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W25EB5fJ%2F%2FUMguhLGH0HmkTNnSCL%2BhWwFBLVnXauoTVWwuY26BUomCm6fAppGXLMGHbiqXAN5eFuClsmBfEvwU7OOEKzdhFkzGyAHEiODPlsgSGSmKelg%2FipZxWrxsbUfXfGmjsrcqUeYd%2B4"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7424f719deabb92d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid_2022_8_28_16_19_22.js
anymind360.com/js/2939/ 		406 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
77f198dd7335ff424de288c16a68b57a0bb8061a93566b8359597bacd692b9f9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
gzip
age
69155
x-guploader-uploadid
ADPycdtCcBxHCtV3GTJ7ol_ddMW6OSV2YG_pdf55heinz4DP5C9yGRUDch10Q_nPHr9sEeiTwjCQ0m3Cjze_M4bTx82E
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
126440
x-served-by
cache-tyo11930-TYO, cache-maa10225-MAA
access-control-allow-origin
*
expires
Sun, 28 Aug 2022 16:19:42 GMT
last-modified
Sun, 28 Aug 2022 16:19:40 GMT
server
UploadServer
x-timer
S1661772738.723576,VS0,VE1
etag
"30148cf8de0ab63d61594bf209268704"
vary
Accept-Encoding
x-goog-hash
crc32c=g3kr/w==, md5=MBSM+N4Ktj1hWUvyCSaHBA==
x-goog-generation
1661703580269715
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
126440
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
30, 1
bz
www.facebook.com/ajax/ Frame E76B 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=0&__dyn=7wKK1ixy1ryUbFp61GwQwAxu13w8CewSwMwfG1-wd-4o3Bw5VCwSxu0OE2WxO0FE2aw7BKdwnU1hotw78wdK0D83mwaS0zE1bE1AE17U2ZwrU2pw&__hs=19233.BP%3Aplugin_default_pkg.2.0.0.0.0&__hsi=7137259556260228722&__req=1&__rev=1006107865&__s=%3A%3A0qtnyo&__sp=1&__user=0&dpr=1&jazoest=21995&lsd=kaG0xRPmYBudtfmXMt2vM8
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/HTPCWBdXyzD.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKfBeotMKxMupjUGX

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
access-control-allow-methods
OPTIONS
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
KjuOfWg8U1oKTN8/HQIYnIHn5ATfO0g22+kOlG7VAJMhWYpjLIk5MeN2kO5Zpk0uDfgGg82F0gxkBl4WxAvtiA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 29 Aug 2022 11:32:18 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=1
access-control-expose-headers
X-FB-Debug, X-Loader-Length
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
420aa7c1d96c4bec5287b97f5de519aed454b232b4fa2253cdab4eb5d081dc27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
30677
x-jsd-version
1.0.1446
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
925
etag
W/"665-3usGrpCWLpQRkfFNGUltCtZyNm8"
x-served-by
cache-fra19161-FRA, cache-maa10242-MAA
x-jsd-version-type
version
date
Mon, 29 Aug 2022 11:32:18 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18385&adtype=banner&auc=ats-insert_ads-2&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=2ab6c35a41c6c4&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:18 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18391&adtype=banner&auc=ats-insert_ads-4&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=3f2004ae713de8&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:18 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18389&adtype=banner&auc=ats-insert_ads-5&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=495baf199ad44a&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:18 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18387&adtype=banner&auc=ats-insert_ads-6&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=564b8ba060465&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:18 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18386&adtype=banner&auc=ats-overlay_bottom-10&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=649313570660ce&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:18 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
auction
tlx.3lift.com/header/ 		19 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.2&referrer=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&tmax=2000
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.55.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-55-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:18 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
content-type
application/json; charset=utf-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg-apac.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:18 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:17 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg-apac.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:18 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
/
hb.emxdgt.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1661772738082&src=pbjs
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.113.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-113-209.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
prebid.media.net/rtb/ 		32 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		53 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:18 GMT
X-Proxy-Origin
31.204.150.147; 31.204.150.147; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
dce56d9f-5fc9-457d-9d7f-e3a05fe77d09
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://siakapkeli.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.72.151.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-151-170.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:18 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://siakapkeli.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
32d8ccc8-746f-cbe2-7252-eb7f576192f9
prebid
prebid.ad.smaato.net/oapi/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.72.151.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-151-170.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:18 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://siakapkeli.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
9d53c8fe-30af-1f51-27dd-45546e96c3c1
prebid
prebid.ad.smaato.net/oapi/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.72.151.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-151-170.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:18 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://siakapkeli.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
cb23b363-8582-434a-672b-4fca456c671d
prebid
prebid.ad.smaato.net/oapi/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.72.151.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-151-170.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:18 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://siakapkeli.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
a8e3a201-fb89-3567-81da-4a61887157a4
prebid
prebid.ad.smaato.net/oapi/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.72.151.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-151-170.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:18 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://siakapkeli.my
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
39a78ff1-b5ff-c42e-003f-db5acd0cc9bf
arj
adasia-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=42756d7a-d37f-4a57-98bf-67e8036f7884%2C94884738-b82c-4e2a-a388-8d1c186390ee%2Cb4155763-d5d9-4f2c-9cfd-dbb7e5814846%2Cb3d372fe-55fa-4340-af09-af92b882a09a%2Cdeb44847-e966-4753-97cb-54ba8aa43e54&nocache=1661772738089&schain=1.0%2C1!anymanager.io%2C2939%2C1%2C%2C%2C&aus=336x280%2C300x250%2C640x360%7C336x280%2C300x250%2C640x360%7C728x90%7C336x280%2C300x250%2C640x360%7C728x90%2C970x90&divids=ats-insert_ads-2%2Cats-insert_ads-4%2Cats-insert_ads-5%2Cats-insert_ads-6%2Cats-overlay_bottom-10&aucs=%252F21622890900%252C55909533%252FMY_siakapkeli.my_mb_article_mid2long_300x350%252F%252F336x280%2C%252F21622890900%252C55909533%252FMY_siakapkeli.my_res_article_mid2_300x350%252F%252F336x280%2C%252F21622890900%252C55909533%252FMY_siakapkeli.my_res_article_below_title_728x90%252F%252F320x50%2C%252F21622890900%252C55909533%252FMY_siakapkeli.my_pc_article_below_300x250%252F%252F336x280%2C%252F21622890900%252C55909533%252FMY_siakapkeli.my_pc_all_bottom_sticky_728x90&auid=543856578%2C543856582%2C543856583%2C543856584%2C545617869
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9041d8c49a0ec40b63b1607094ac92c06187e3391959074af149ea5c5f209ee0

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:18 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://siakapkeli.my
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		814 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=302704&zone_id=1941024%3B1941026%3B1941036%3B1941038%3B2114244&size_id=15%3B15%3B2%3B15%3B2&alt_size_ids=10%2C16%3B16%3B43%3B16%3B55&rp_schain=1.0,1!anymanager.io,2939,1,,,&rf=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&tg_i.pbadslot=%2F21622890900%2C55909533%2FMY_siakapkeli.my_mb_article_mid2long_300x350%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_mid2_300x350%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90&tk_flint=pbjs_lite_v6.29.2&x_source.tid=42756d7a-d37f-4a57-98bf-67e8036f7884%3B94884738-b82c-4e2a-a388-8d1c186390ee%3Bb4155763-d5d9-4f2c-9cfd-dbb7e5814846%3Bb3d372fe-55fa-4340-af09-af92b882a09a%3Bdeb44847-e966-4753-97cb-54ba8aa43e54&l_pb_bid_id=58aaa60e33689d6%3B5940e8abc7d19da%3B60798875278d4bc%3B611f00b44cc0ec%3B62dbd1fd7ab21ea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21622890900%2C55909533%2FMY_siakapkeli.my_mb_article_mid2long_300x350%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_mid2_300x350%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90&slots=5&rand=0.3106185466060729
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c7fa0824f1610582bda428574e4e78c9d295db61644a4e80ce5eaa414566036f

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://siakapkeli.my
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
814
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.2&cb=31160422127
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:18 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://siakapkeli.my
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=485904&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226509a48ed25034d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.2%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2266c984755ba835a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221956443220%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221956443220%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%22640x360%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_mb_article_mid2long_300x350%2F%2F336x280%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_mb_article_mid2long_300x350%2F%2F336x280%22%7D%7D%2C%7B%22id%22%3A%22683efa2b24bdeef%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221883677016%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221883677016%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%22640x360%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_mid2_300x350%2F%2F336x280%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_mid2_300x350%2F%2F336x280%22%7D%7D%2C%7B%22id%22%3A%227077b7f84dfb6f7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2222060108620%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%22%7D%7D%2C%7B%22id%22%3A%2271cf520baeab672%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221969928430%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221969928430%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221969928430%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%22%7D%7D%2C%7B%22id%22%3A%2274df86605174979%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2222375583265%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2222375583265%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%222939%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e816e393281d62da2dabe5afa2a1fa84b9305a037904f04546b3d00e17f8ab9

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwwhGJVvZShU%2BSqSWglUyca2Ugs%2BZ5FqkTa5jZ%2Fqu70dMA2ymX0FiVZRC8Ih3wdW4aJ6PetupA5dkK9BqjrgUT8a8dxcZPVYOrQiczk7moUpRWm9Kl%2FvWS2xI96psCs8FUfTqBDQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7424f71daf4eb770-AMS
expires
0
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=siakapkeli.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=siakapkeli.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		309 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=55909533%2CSIAKAPKELI_UNIT_STO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2013099300&sfv=1-0-38&ists=1&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739217&lmt=1661772739&dlt=1661772735981&idt=506&adxs=0&adys=3264&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40db0eac9f4b63e38ed3224be256d302bc29476505422ba19a5920df374305a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		867 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_pc_all_bottom_sticky_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=2623811611&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739222&lmt=1661772739&dlt=1661772735981&idt=506&adxs=0&adys=4&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=1600x1&msz=728x0&fws=128&ohw=0&psts=AEC3cPIpQ0QADmvnN6ddhofFYpaZoDDgBgb9Y39NmyWf_lG_&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0dc0da1d79307dbaaa34e234f044e906e49cb4b3ccad5bc04afdc3cc8e81383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
386
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_res_allsite_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=1271496268&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739226&lmt=1661772739&dlt=1661772735981&idt=506&adxs=1600&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&psts=AEC3cPIpQ0QADmvnN6ddhofFYpaZoDDgBgb9Y39NmyWf_lG_&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0e50a930ba26959f6ea1a150132131255d537214eb745a0f7d47abab3297537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9592
x-xss-protection
0
google-lineitem-id
5839630797
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138384468288
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_pc_article_right_sticky_300x250%2C336x280%2C120x600%2C160x600%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=300x250%7C336x280%7C300x600%7C160x600%7C120x600&ifi=5&adks=3069031006&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739230&lmt=1661772739&dlt=1661772735981&idt=506&adxs=1035&adys=588&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPIpQ0QADmvnN6ddhofFYpaZoDDgBgb9Y39NmyWf_lG_&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd83261bfe235268f3a2ba07af32fbc3128697ba75174d68c97d029204cbd912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
google-lineitem-id
5396780781
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138314615704
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_pc_article_below_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=6&adks=4202729990&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739235&lmt=1661772739&dlt=1661772735981&idt=506&adxs=325&adys=2808&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=620x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPIpQ0QADmvnN6ddhofFYpaZoDDgBgb9Y39NmyWf_lG_&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1a54f94514b436a4d9e913a18e241a46e58301a496ea8496fe91b1e20c84e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
213202
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13938
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
327881
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		878 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_res_article_below_title_728x90%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=728x90&ifi=7&adks=3781176306&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739242&lmt=1661772739&dlt=1661772735981&idt=506&adxs=265&adys=646&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=740x0&msz=728x0&fws=128&ohw=0&psts=AEC3cPIpQ0QADmvnN6ddhofFYpaZoDDgBgb9Y39NmyWf_lG_&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ad0e4800287d61b6757e2e5f1929d3c2ea6900cd6b119a91db82a040b0020d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
392
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_res_article_mid2_300x350%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=8&adks=3876007418&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739247&lmt=1661772739&dlt=1661772735981&idt=506&adxs=325&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=620x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPIpQ0QADmvnN6ddhofFYpaZoDDgBgb9Y39NmyWf_lG_&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c75ffba8a58ef25be5cf6f7e1e6ac9bb55db8f058b93526203b9d97fd445f591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
213202
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14063
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
327881
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		877 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=184221023648186&correlator=3674222015766998&eid=31068457%2C31069154%2C31069190&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_mb_article_mid2long_300x350%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=9&adks=3439552650&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F08%252F29%252Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%252F%26ref%3Dnull&sc=1&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&abxe=1&dt=1661772739252&lmt=1661772739&dlt=1661772735981&idt=506&adxs=325&adys=1592&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&frm=20&vis=1&psz=620x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPIpQ0QADmvnN6ddhofFYpaZoDDgBgb9Y39NmyWf_lG_&ga_vid=612483709.1661772736&ga_sid=1661772737&ga_hid=752422900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
156a976781b5a5ed81641824f0b66adde9275436ac1872c5233f57c43e3c4612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
394
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbaa4a1ab66e5872add9c74745b043698d73ad92f01ea04abf1734e4bd611d53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11205
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:19 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 04:49:01 GMT
content-encoding
gzip
age
1838598
x-guploader-uploadid
ADPycdtWkiBCXz6L6zzIDfoCDdNPoaYz0BeCPnn3mEspucQtbCparX2D-u6-c8GutLCrj7np1zeNAuYgwkuHdqY8lpmvMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 08 Aug 2023 04:49:01 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:09 GMT
server
nginx
etag
W/"63041db1-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Aug 2022 11:32:19 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.17.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-17-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
cache-control
public, max-age=86400
last-modified
Mon, 29 Aug 2022 10:40:13 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cd6a935771c335b708ce50bb07ff972f1e8d65185231435365bb0a66062411
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2323
x-amz-server-side-encryption
AES256
x-amz-request-id
QX28ZKTZ3A3Y33N3
x-amz-id-2
VgDcQPu9X8x35n41zeRyHmtSidoBs+YvWXZldy93ZFrnNj1INOoNvUPRr/F2V+Q6SS/Jcmpu85s=
last-modified
Tue, 23 Aug 2022 08:57:12 GMT
server
cloudflare
etag
W/"c812189e503819b30a1ac4c9187a58eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7424f7264d12bb32-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 03:08:31 GMT
content-encoding
gzip
etag
W/"2fa1275c04d6208db458c1ec8559f92d"
last-modified
Tue, 19 Jul 2022 18:12:40 GMT
server
AmazonS3
age
30282
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
rOXKngFPKv8JeoAvIqSnNyXX4qSMvbXyTKinQZP2D5M_AjwJFjzxng==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.169.211 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-169-211.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame AB23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssej5AxYZ4jDCmMSv82pkysmxCCyC6PbznRvlUp36gZ-5rkKh6S4Y22FtW4dh8LI_S39zBVsJG9yn795bCSrnm0u0DPF18sLI_J2a82MWIFJlEMC0udleu7TiPCS_c8TFI8FYPjOftpz5a5yQrdoaZkbzc_AGNgKocITVFG1j8bsqIwMReDp4tyhIulWeDdldFvgwsDB4CmOC-jy1hPCyTghGe5-QUeKW1pbkFi3LOiqHDCqowNgx7wfZ6mVmhQTQEyjEkKi7mCaurLZBeDbJ92ebS4NkdH8g5G-LDSGJqCHaTpcRJ36ZzDx9xDvNjwTeKOVpL1c0WS6Uq_YEpMmt97scmWygcstPM&sai=AMfl-YQ1psjoJrJZnxEYThqPO15RXub7UUuuhWgGnLR-Js7IV7M8zdeC3wokWao-cHnyPvdGXky0tiVfq660nWt0WbKgNcBGAZr2DmChTdM3FXOOI3NS4iQc5U940PzLnA&sig=Cg0ArKJSzOo8TmLmqTHGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6032.js
cnt.trvdp.com/js/1273/ Frame AB23 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1273/6032.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
483a4fdfc56fb9d51ab02fe709b7a4d353005f0662f6833785e1539cf39fee34

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 05:27:11 GMT
content-encoding
br
last-modified
Tue, 15 Mar 2022 08:01:17 GMT
server
AmazonS3
age
14277909
etag
W/"69202691d58122284939cb42ef8286bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ElogmC2Yu2qIjQIt8TPlc8YwoRDQ2HwXuQXKjubPemRD_Q7JxBaD1g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB23 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:19 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&rid=esp&cc=1
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
23f62d25e778f1cf1220aad8dd2a9155d195e9eeab8d706e3b8dd69533c3b13a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
via
1.1 google
etag
W/"55-ZVU+KgPRkXgILvEf9FonTmBEegw"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://siakapkeli.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 29 Aug 2022 11:32:19 GMT
via
1.1 google
access-control-allow-origin
https://siakapkeli.my
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame CA4E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=siakapkeli.my
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:19 GMT
server-processing-duration-in-ticks
2298
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A004 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:04:35 GMT
expires
Tue, 29 Aug 2023 11:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 921E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
63d24113f70ea575118a3a4c2ade73b15cc78dfd333d0de0671b1348f807d177
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tiEryZ-YeBKxi4bIa9hFKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-tiEryZ-YeBKxi4bIa9hFKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:19 GMT
expires
Mon, 29 Aug 2022 11:32:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
map
bcp.crwdcntrl.net/6/ 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.46.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-46-176.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:19 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://siakapkeli.my
expires
0
cache-control
no-cache
x-server
10.45.5.33
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://siakapkeli.my
date
Mon, 29 Aug 2022 11:32:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
truncated
/ Frame AB23 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e97961c8293adfe343529b77e0a25a3035a6c009bc134f5532b473f3180709af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AB23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseAl-isdFLKIq5PeyFFC113HKMbF77-DEyNbpmdOb-VYQHhHEj8B6mCqdo8cc4kZIV62QRFMYBcf8KAn3jVcr4G-Jdk4kaL926mY9du95H0TqmGwa4Zv-4k9UkCAWwNi--GGDSEtuoaOOO8kbLHIiiPrmrEGUYV8L1YcLr2LNuZyJRg1Ikgkwy5lQfI-I3Bukxyg_Jk086bTw3f_UTRqjdDP_gc0phz_AB2bWsg-XHb_gf8Eq7RloUiar3FdFBNiI8BJg1Seb8d7eD7NRcliuvBt5FZsd69gXpPw9FkmLUKm7dpWbabJkg0xjJFBHDNnKS7fNMWBUwFV7xyE_Zc8KVJBsSAyRtPp1epA&sai=AMfl-YSB6odFLhveOEmChPkPk6M4chesoUxoJXc_VRXbq7AfLlq2ZrcggBjFYrG0MMpbT_uyhLiqeD3WAhGbwxURHWxM2H_K2a_OPJPs9yiGC8E1nI1AW2R93G27eE8org&sig=Cg0ArKJSzFkhRRrGnn_aEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 29 Aug 2022 11:32:19 GMT
sid
mug.criteo.com/ Frame CA4E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=siakapkeli.my&sn=ChromeSyncframe&so=0&topUrl=siakapkeli.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=j_PXBHxsMHdCazI1OWZWVGhJUEV0aW1vUGtTRlBibVJnS3BGL0cydjFNemxEcllvTUo4NnFIQWpma0V0ZitKUDVUa3RZWmZqVXg0cHp5QXBYNWtIS25SNDZaWmY4czZLTXczclEzeTJPQU9PZU5iQS94b0Q2SWN0b20wVT...
425 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j_PXBHxsMHdCazI1OWZWVGhJUEV0aW1vUGtTRlBibVJnS3BGL0cydjFNemxEcllvTUo4NnFIQWpma0V0ZitKUDVUa3RZWmZqVXg0cHp5QXBYNWtIS25SNDZaWmY4czZLTXczclEzeTJPQU9PZU5iQS94b0Q2SWN0b20wVTBkNlpOZlZUZm4vRFd1aURkWC9lRWRzTTJZam1vV3Z3VmxaSlpQZnVONXllcXNhYjdRUjhRcndvNHRPbTEzOURnMVNkbFhCd0t4bWZvSi9kN21HUk9sWENNUVdwKzZGUWp0SXpXYmRpdHVqSDBPa20vUnJKYnlHNVF0dlZITDJIclA4cjJQb1ZZY3JzSSttM0t6TVpWQlhUNWZsOGpqZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8b9b11a7948d2d5dfedcb0f622b68945cedf9c74611237886ca5a3692b4688d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4582
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:19 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=j_PXBHxsMHdCazI1OWZWVGhJUEV0aW1vUGtTRlBibVJnS3BGL0cydjFNemxEcllvTUo4NnFIQWpma0V0ZitKUDVUa3RZWmZqVXg0cHp5QXBYNWtIS25SNDZaWmY4czZLTXczclEzeTJPQU9PZU5iQS94b0Q2SWN0b20wVTBkNlpOZlZUZm4vRFd1aURkWC9lRWRzTTJZam1vV3Z3VmxaSlpQZnVONXllcXNhYjdRUjhRcndvNHRPbTEzOURnMVNkbFhCd0t4bWZvSi9kN21HUk9sWENNUVdwKzZGUWp0SXpXYmRpdHVqSDBPa20vUnJKYnlHNVF0dlZITDJIclA4cjJQb1ZZY3JzSSttM0t6TVpWQlhUNWZsOGpqZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1603
content-length
541
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9BF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5FR-sj8BkyobeTi4uS7jaR7STwL6EYnUX5Vysmu7XY4XNLhm1zQQrbGX2MSRsnz12tlxS6EnI9a5i0UNPj42ldCo1hr9bzqy7SrQSOiZVCvvQ7r6cc7eh6ZYsVaBIbaYbOpzj0g5zV_aa9P1Jjpd_WlMxnUd0k7_bPBrf2rIJkFjEo18XWHspnnJzeExw5VakdJD2Cm5NBpHWDHA7FO_9wyTEfsh4ed-uMudjoWjOmjQh1prqw2QczEjtCB5NKPMDv_SqcX8i6LhxouP3qa7zb8OvSnEHnaJC4e7nOR3S9bcmQoYRDdzB2tQOXuvc7BJ1O4GCfncByWMsdhceI6iIMVbEFLs6C-EJl4La6MdyGwQnJDP7IQx23lV-kZwXyB-gzhSKsWgDRvGXJgAgndQ2pzaYKucDeQ-M&sai=AMfl-YRZpO0w-Kn3y7sE7sDUrmTT4xRZdQ5PVg-gJG8-x-Bu5XC5fFpC5OmkXg6aJVfm6RaCNMlKRSEXDsNs-q6gMdYpCb8ya8AdDl8bjyHCgo6URTC1Lq7pj8kDo4qlKA&sig=Cg0ArKJSzIcWSabg5ki1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9BF7 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
728f187d0488bda43367a6bee1f3ce789173952ce5d6d0ac663f612189dec182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57581
x-xss-protection
0
server
cafe
etag
1683566300471708137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 11:32:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9BF7 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 921E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082401&jk=184221023648186&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
rid
match.adsrvr.org/track/ 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5998/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8e5bf6072983b026d124a67a0e769c5c3eb591f53a4fc0f97dd2d1bb722649db

Request headers

Referer
https://siakapkeli.my/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://siakapkeli.my
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 28 Sep 2022 11:32:19 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame A004 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 20:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
227184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 20:25:55 GMT
truncated
/ Frame 9BF7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79e87ff58df786f598669762a3135ffe896fbbf19e15e8a0efaebf59aeb30fe7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame A004 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XKeUwg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 2587 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 29 Aug 2022 11:32:19 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/ Frame 9BF7 		343 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my&bust=31069108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c748d1a4678726f8a025454dfded8489d97e9a5269eb10123d1f5b8ab6890e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123236
x-xss-protection
0
server
cafe
etag
9585807047937876956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 11:32:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 9BC8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
5841
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 09:54:59 GMT
etag
8616628553774171045
expires
Mon, 12 Sep 2022 09:54:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
expires
Tue, 29 Aug 2023 11:32:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Aug 2022 11:32:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0C96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPX7Yw6MMY9zDKO-TjuwPtvG3mAKeoaGuXKH56P6fA8CNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGnypCnA8gBCeACAKgDAaoE5wJP0CH9WpxcE3ewDhDWYGuxZyQMQIIXO3NazZ4Zp3_ITCXYt49JdtgPnDRmWCrB3Xwzft2Y4uhZTCp-a8vydq8ZkNk17eHbry3wPlX8hbu6clQGJSiAlX9ByhdWq1NdMpWFe450TrPQ5WDAVQ5GPplIdU3rOsLYHSYga6cWgSB8vtPubKIVpHo5lCzlwfpU0JtJid1-kJVbQRTantLRwbG2ij2-xVp9grNDwqtBQrdtEs7GFkxI9XuZjPOQ3eEdgwNJ9-k5vr-dUHGGJqY-eT-uwnDa-lMxLyZDreOkV2QdwlkTSYLO8-E3-K-lDl_SoomYm9RV7CXsndSYDjNLIt_Kt8Gk7Irfnt-Nw8nAHsH3SqugMt6GGBsJB2BOp2PTCcAtDZ3Z8CF8-swi6J8tKK54lzUYPrA2L72luwjxLcBwFLrMrvD8Nmbnln_XCsWlZ0yz0NJEYTfu3SNQ_GoJJ6UnrqbPBAru7OAEAYAG3-_98rXGxvkToAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzg3Mjc0ODY0MjE3MDI3MYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=floebQxX8ZY&uach_m=[UACH]&cid=CAQSOwCsnQUxsvTP_LkS33XUIJ3BBcHzhwHZm8tGjyoFIYMSPTaDv_-2N786JTFay7W2dLx-Xgj8FKia97bmGAE
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
adfetch
googleads.g.doubleclick.net/pagead/ Frame 3B4C 		123 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5769109d19889439c30927860fa1ea6aa23b9a2b443bf69dcadb816743a38ce
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHggu_56_kCFUFo4AodY9gBdA&gqi=xKMMY8SwDKPd7_UPxbOR8Aw&layout=/sadbundle/%24csp%253Der3%24/17621850321678087786/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
43908
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHggu_56_kCFUFo4AodY9gBdA&gqi=xKMMY8SwDKPd7_UPxbOR8Aw&layout=/sadbundle/%24csp%253Der3%24/17621850321678087786/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 0C96 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3151
x-xss-protection
0
server
cafe
etag
3095951791532391640
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 12:30:23 GMT
v1
a300.casalemedia.com/impression/ Frame 0C96 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a300.casalemedia.com/impression/v1?bidID=230dff5b-61b4-415b-9a2d-93a1d8bd51eb&traceID=cc6a7gqhvr9d38dti8pg&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1661773339&ap=YwyjwwAKIdwHg4nvAA34ttBgkdFmf4_6BrJdNw&siteID=341462&creativeID=880b50&pubID=189149&format=banner&channel=site
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.36.212 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:20 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C96 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-CXnLJX8JrS_GzOUuLYIb7Q74B4AWj9fVcDECNxu0t7wX8K0P8hf3PyB7I48a-3cTCr0xcXjgMSoE8roOmsBThhijnrZg&pr=13:YwyjwwAAAAAu-PlZ41ezKTZ8uEr2lMQGQaNTVg
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 0C96 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:17:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 0C96 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:16:09 GMT
l
www.google.com/ads/measurement/ Frame 0C96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNHM8zdeWrXdtpe4_zSnKDTGeEqbB0-AGHDSC8jEsMkiSMtpHbiJkROZKU8wdCIUW-uiBcz6JHJnswKtYbDy_V2zM-QA
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0C96 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 09:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 09:18:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C96 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:20 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9BF7 		217 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=siakapkeli.my&callback=_gfp_s_&client=ca-pub-6998313219273257&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my&bust=31069108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9523c49b34773652c08493672083c5cc9ddc995b9b73a468d22a54a1efdbddc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ Frame 9BF7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=siakapkeli.my
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my&bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9BF7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=siakapkeli.my
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my&bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3577 		436 B
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6998313219273257&output=html&h=200&slotname=8351444450&adk=3785225855&adf=3173046725&pi=t.ma~as.8351444450&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661772739952&bpp=4&bdt=264&idt=237&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&cookie=ID%3D32b76a1cd0524d07%3AT%3D1661772736%3AS%3DALNI_MYNVZiUJgtmfuadSgxAkZs0vJdviQ&correlator=7390313933281&frm=23&ife=4&pv=2&ga_vid=612483709.1661772736&ga_sid=1661772740&ga_hid=1425923184&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=606&biw=1600&bih=1200&isw=300&ish=250&ifk=3063820861&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44768832%2C31069108%2C31060049%2C31068919&oid=2&pvsid=1679003771417929&tmod=1408806778&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.knbiga7xtipi&fsb=1&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my&bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c717b7d2f4dd07636fa38bf546ea63905199004a8bc89e53ca27cf0f3a19cba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usermatch
r.casalemedia.com/ Frame A201
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
  • https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98fe30f382b2b529d1d163539c5a866718b38ddd778b704c8c4e84eeed9da15c

Request headers

Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7424f72c0a37426c-AMS
content-encoding
br
content-type
text/html
date
Mon, 29 Aug 2022 11:32:20 GMT
dropped-udsids
241|39|230|45|11|73|123|152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Si%2Bigytl3iVc81%2B%2Fq7%2BGuU1rY5PKwTV784xiztbBg%2BxeRk58QIz2pXjM%2BdYgjzmeqcZJWiNQCwD7CWLCv%2FxfI5Wui54tPxzXYZaKC%2FYq19C1%2FFmyHlY2qeC80MW96d%2BYwve"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7424f72afe8db8f7-AMS
content-type
text/html; charset=iso-8859-1
date
Mon, 29 Aug 2022 11:32:20 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5ZJP5UDjekqQmNPczyXoSRRdMIW7EYFpZNJbBr1Bm7BPvThF5Bra02ABZ16wRNsLOL8tEPZZSClG%2Fre8zJizhiiC57KQjyfdTK96CkPcw8ogYQM70thf1MkBsGiFZUy6V2NxC4ytppEGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AA98 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
75616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 14:32:04 GMT
etag
48472445140208031
expires
Mon, 29 Aug 2022 14:32:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0C96 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fde7329b15a4d1abee58ed40faf598a3469f02bb17d6889a235657ae84befa2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame AA98
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKrUO-xSjE3u0lepWd9AWKU&google_cver=1&google_push=AehlK4C2iKvvjmlsW7ABYD6caZDGXEIJ7mN76Lm1R_ncCEatGTWQ4VGHrSSqORrPQygzYR5Zld6g2jhJ5Fh6ENLkYIql-xTJ55Mr
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=90062ED350C34CFABC78B9CE39542BB5&google_push=AehlK4C2iKvvjmlsW7ABYD6caZDGXEIJ7mN76Lm1R_ncCEatGTWQ4VGHrSSqORrPQygzYR5Zld6g2jhJ5Fh6ENL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=90062ED350C34CFABC78B9CE39542BB5&google_push=AehlK4C2iKvvjmlsW7ABYD6caZDGXEIJ7mN76Lm1R_ncCEatGTWQ4VGHrSSqORrPQygzYR5Zld6g2jhJ5Fh6ENLkYIql-xTJ55Mr
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Aug 2022 11:32:20 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=90062ED350C34CFABC78B9CE39542BB5&google_push=AehlK4C2iKvvjmlsW7ABYD6caZDGXEIJ7mN76Lm1R_ncCEatGTWQ4VGHrSSqORrPQygzYR5Zld6g2jhJ5Fh6ENLkYIql-xTJ55Mr
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 28 Aug 2022 11:32:20 GMT
pixel
cm.g.doubleclick.net/ Frame AA98
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK9MiziXfjMgYmPFuR12NT4&google_cver=1&google_push=AehlK4BceGVCO-SfvscZDA2CtoTa1zPgTFCVg51lMjF5yubsUW92bVnNGO9Ik3K4oWKx6uUB75Cde5l-YDK0AN...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNzI1OTU3MTY5NDUzMjc1Ng%3D%3D&google_push=AehlK4BceGVCO-SfvscZDA2CtoTa1zPgTFCVg51lMjF5yubsUW92bVnNGO9Ik3K4oWKx6uUB75Cde5l-YDK0ANcUu6...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNzI1OTU3MTY5NDUzMjc1Ng%3D%3D&google_push=AehlK4BceGVCO-SfvscZDA2CtoTa1zPgTFCVg51lMjF5yubsUW92bVnNGO9Ik3K4oWKx6uUB75Cde5l-YDK0ANcUu66Mw2Cspg8
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNzI1OTU3MTY5NDUzMjc1Ng%3D%3D&google_push=AehlK4BceGVCO-SfvscZDA2CtoTa1zPgTFCVg51lMjF5yubsUW92bVnNGO9Ik3K4oWKx6uUB75Cde5l-YDK0ANcUu66Mw2Cspg8
Date
Mon, 29 Aug 2022 11:32:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame AA98
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKdAS4kiFDZMqmaBr_XRXZ4&google_cver=1&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AKSjjj1...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKdAS4kiFDZMqmaBr_XRXZ4&google_cver=1&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AK...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQyMTQ5MzU1OTMzNzIzNTE0NQ&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AKSjj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQyMTQ5MzU1OTMzNzIzNTE0NQ&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AKSjjj1S9BsIxXTHqc9m6jxTUw
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQyMTQ5MzU1OTMzNzIzNTE0NQ&google_push=AehlK4CvB3_cuq4odr2L5NxcUBEUfMYZrxyuVusaLQFcJWrHhGD7GWiSIHd5oDRmQg4IafRE5AKSjjj1S9BsIxXTHqc9m6jxTUw
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame AA98
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBWGEFj873hnsDoiQYzJcHc&google_cver=1&google_push=AehlK4BfQo75VQ37h0smNeDhF39V4ZiUV9nVS2IOFxoUYV3TlDFnyG7Zc3ZmLPTEBernDOAMSOw8TfVhhmuy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfQo75VQ37h0smNeDhF39V4ZiUV9nVS2IOFxoUYV3TlDFnyG7Zc3ZmLPTEBernDOAMSOw8TfVhhmuywzxiUutjkcTdGBU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfQo75VQ37h0smNeDhF39V4ZiUV9nVS2IOFxoUYV3TlDFnyG7Zc3ZmLPTEBernDOAMSOw8TfVhhmuywzxiUutjkcTdGBU
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfQo75VQ37h0smNeDhF39V4ZiUV9nVS2IOFxoUYV3TlDFnyG7Zc3ZmLPTEBernDOAMSOw8TfVhhmuywzxiUutjkcTdGBU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame AA98
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-0a0fb0d3-b846-4f35-bc07-8edc7578332e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BdsTV5TQR2gsHJnV85x...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo&google_hm=AwoPsNO4Rk81vAeO3HV4My4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo&google_hm=AwoPsNO4Rk81vAeO3HV4My4
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BdsTV5TQR2gsHJnV85xoS0v-ZuFPx9wGkg0qwVgv-X-cFvmlrF-at9dMwAu2aYzMSVlbUX9t4NUsZeI9wmQMZyOPEuRFo&google_hm=AwoPsNO4Rk81vAeO3HV4My4
date
Mon, 29 Aug 2022 11:32:20 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0a0fb0d3b8464f35bc078edc7578332e003
content-type
text/html
/
onetag-sys.com/match/ Frame AA98
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBWGEFj873hnsDoiQYzJcHc&google_cver=1&google_push=AehlK4DRtllJyGfx6nSuCgrUJtRKY-9mjy2cIgwT7roUVL0lBlB7igwfT2Ad1sxqZ9_ZGaIVn85KCKqHB6-...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DRtllJyGfx6nSuCgrUJtRKY-9mjy2cIgwT7roUVL0lBlB7igwfT2Ad1sxqZ9_ZGaIVn85KCKqHB6-a3xrFU74JjmClOMkO_A
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame AA98 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECXjWp7cChpQidEdcmdwILw&google_cver=1&google_push=AehlK4CistGDKNd0kxLkLDEWxkiymmAveLbZtI80m0SS2jRVA2_9RRmmOgWuIFP9llTE9I14GpzfZ7OGXT6oRVHn1x1VeCDPGRX_
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Aug 2022 11:32:20 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame AA98 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13If7sO9rEkcVaDOCSGhpBPF-NKPWABft7DDzuI6YvKU63LqfAzGkf4-hYVz7AJuG2rKb2F0iBg
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/ Frame 9D86 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12920bb26cb0b7714c05bd4996b30d5991d5878e4daa8718a278ba37e3a0cc7c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
136474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3957
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 21:37:46 GMT
expires
Sun, 27 Aug 2023 21:37:46 GMT
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 3B4C 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYk13w6MMY4qAMMXc7gPotZrIDdvFx_1rzN_-24cQg7f0_QgQASC35YQhYJGEoIWMGKABq9rYuwLIAQmpAlSpVcL8t7A-qAMByANIqgS6Ak_QQWYUtAByxX9hOQJ8Vsx6qpAjNCjmTZKk0Q49Zz7cWCEGmjyH6pRmIlrjgQNkaoYwT2B3rYhrafOmE952tdHmpLxrHcH7UViDy7H2AkABDnqRzs95of7VmfIFtBmvhaoYYuwJYFDzf61rnNMjGDQBcMV6GFMFRcOBb4F0fp8Jjt3JVQkLrw0TDzOaR34E8hxOQHqCSAwOdUbJfjz3aKXx8HhWJWeayWaROryuuUtm_Za1WhcuRh3a6gPmq-ewK8diimac9zICDMosabvR6_0ovZ4M4bCe_P3kw4jfWhAd2qzloe8KujeyIVPV8PYkNWtfS7xBJIHA-EFuHJlODysDQ_FEmH60yj5Cadj84Ke75CFbw1eYcERjDDOzYFoHyY3vDDQhBEOgWAFRw1NJTHoKY4SGmPmfw_hLwATI3pisiwSSBQQIBBgBkgUECAUYBKAGLoAHvaWnxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHANIIEQiA4YAQEAEYADICqgI6AoBA8ggNYmlkZGVyLTM0MTQ2MoAKBMgLAdgTDdAVAYAXAbIXCAoGCAASABgA&sigh=lFhuCGaV-GM&uach_m=[UACH]&pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g&template_id=419&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 29 Aug 2022 11:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 3B4C 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:13:47 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9D86 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 29 Aug 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9D86 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 30 Aug 2022 05:09:09 GMT
c4a44e818f05de04acb36686c132ba43.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/ Frame 9D86 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92ac78bb63f8fe3d36033c918b8a027e1bb3f2a285739a6c8b4b2c363179a8a9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26161
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9BF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWXVGbMmc_O3y8_XX1j2DcXoTAtrLLRcGfThb9HhahCkZMLjCKI_paUQv0pioxx0yOxD22eYh69dcoRTTk1dy9R1Bbr84xKOwqIGTra7P6BEzteEFcPdYO9Lob_MLtSGs5I8nMyOLS_pFSP7NZRZMgWDT5FS_Q1IV2UMASxo0-TfzEJYOAG5Awx7ddhXvV-tpGx5xDfM2OJDHROvnj18Z626imTNE4DLPVyv5sVWkEzKnVF1dlad_L5Nl-aR8iPdPszGIBFgHbEB3-7MQs9fdMFr6x_jHSaLu3fDZmcHs9b2qXhJLGQzw-NtLn3rxQX96e97jmN3egyW6xaD9dlXCwegEDz_lC2YZ4afJJo0wOeGu4_wmpomuK-p-SxXJHUtuBhW-0eyIapwUgvPZ2W8cvrHE_xy4tUCvQ0R0&sai=AMfl-YRxMCjQic99GwaMismJ1TK2hfQFxSspTimKAZZyaOSqg5t_NcGmfCfRz79F1xP9MYhMJOy1oANT8vZBzauNqHt57q19OdCRlbVhkyJbrfiyhr7uiZL3T7piZ9g1DA&sig=Cg0ArKJSzOz-d6-Wyi9AEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 29 Aug 2022 11:32:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9BF7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my&bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ae51db89330e3d61d87364e57c605b15f457b5e7a13888ca8309f5cf0052d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11039
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame A190 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 29 Aug 2022 10:39:19 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 3B4C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1431
x-xss-protection
0
server
cafe
etag
17826921741551292351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:24:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B4C 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:20 GMT
css
fonts.googleapis.com/ Frame 9D86 		2 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91292b9cdf7a8015c10adc80a9b225e6d4f4342d2c2dfc58c3fe3f73fa245328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 11:08:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 11:32:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 11:32:20 GMT
7321b905f8aeae9f30dcb036328ac6bb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 9D86 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/7321b905f8aeae9f30dcb036328ac6bb.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e101dba70583875d7b02a9f69c5849db15d5fcbc609ad5a80b9835ee73a0d9c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2586
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
7631be8b2082f94b8b62ea27e05d4ed9.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 9D86 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/7631be8b2082f94b8b62ea27e05d4ed9.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b4f0cea19b48f7dcf4bb6b36d97969942927e2ca2f61958646e5e68585e930f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3000
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
06ce5424df3bd162cfdf32902459520c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 9D86 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/06ce5424df3bd162cfdf32902459520c.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0fc0e495c936ef8854651382a5f9af6832bc3bc7814047226f34ba79489861
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17406
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
223a0dc9c87870bbc98979bb36f36662.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 9D86 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/223a0dc9c87870bbc98979bb36f36662.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55f1e96c2c7fc4bd9d9c8cd43f656fb17132a03c1eaf0978c14146287e09671
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1762
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
54bf5fda2ea68596d316f92c0ab6681f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 9D86 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/54bf5fda2ea68596d316f92c0ab6681f.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02279a092440015a227a4ff51563238b15bee4c9aea55fc03de78e288db886d6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4480
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A190
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
expires
Mon, 29 Aug 2022 11:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 3B4C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10270
x-xss-protection
0
server
cafe
etag
538911934249463863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:23:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082401&jk=184221023648186&bg=!GRqlGl7NAAYUOm8VNDo7ACkAdvg8WrTyMvp7gdwFFpa1YWfiODxYL6wWh110qekp_IepKY6WdbfETAIAAAB0UgAAAAJoAQeZAvF7AXx6fq96LVUvQ7LYZBAl9fGpWY8HF7kCDdsirlIqAP9wZrmxJggqG9uzxA2tVFYdsApRIZsOxbYBXmtqjTGEmB9CH8kv7dgdUt0ANoGdC3OmSDtZHw14FCfRgHUtJnplmJM0uOD5SxaD3BHPSgzVlHDsqkgMG4qFLgkWj7-7w4po94NQMnvbQxihjyWsvh1eFmN6cdeRQFB8WkEOf9H8nRIYM7FV0_bDN00Fc8fJME2rpUOu6kc7Cl8KDDDbyu8ON9KRVzLVZYnwmq0DwCa_IMohMQ1eyJA3CvWZXBdlwSQ6BocKASazXWwA22xdCMdG7mA6lxIw4TRZBdSYkVIUP11iSoYuLVnPEvas1SHu-iV8zgCeRMDu8Be1CyJnxq3GRmYzQxW322MliFO8yn68_S3HcV9bwsnzg6_yGXhUfejfOV7bTvqg7jB1VCVCpNPOGURU0OaLf1o4gvgWjYEgv3Zqtd85WNuuWblOeN-LXILNFQyr0P7VQN3tGdtxNDnmmC20K1dkv2pmcU7EWdr9ZPJXrhdq1u13sRrlSvn8lEw0PLrJobcWoFwRqd3sHzxJvFnnzpj5FZagRs26XMMSo-EYRLirfEzsvDZ-HmE1U0vkoG_UL9_q0cVqMHpf3efRoznRb9edaoCrOjW5d7I1RPBbCQsy-vMzRYCQYpfwZIizW6dtwRh5Qhyb1tpk_RwBKhApBJJs2cmmHPEBm491oMOqbgXNzmG_BhFk53OuT4ms3vK9rBAc8BHtwaq3_904_atzZZiKJCGfNZ81WzB0JamPIIOnEsrqw5Ej2dRe_TMriX-9p9v_7pJo2o-IaHrXkRs0v7NaTpI_VBtJ-TAzM_KUZvMnSHBcvIuv4QYHeDj0iQQ6R_s5MSk2YefQS7WY6BwMhVnQQRdicX0C3AlWd9ivwbE63zZU4CdQS9P0yv3yQ7ApfaXr5vxGiVu31a7LOgEsrMCpD8PBpSqD_1vpBRCO3-daDPH99qfaaEiBaP0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
fonts.gstatic.com/s/rubik/v21/ Frame 9D86 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
449e0e19df5442ea97aab5b9a9dfb975ba6ab440f61b4643aed6dc6cba26cf9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 00:36:41 GMT
x-content-type-options
nosniff
age
557739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17288
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:20:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 00:36:41 GMT
container.html
051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC93 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
expires
Tue, 29 Aug 2023 11:32:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 3B4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKJV66FdSos57h6g6OoaatgzT6bc2H2nOERjNEdG1X9-zYIw31TnNCSqaGKiH-GtIeB1NZHsFd2yRqXP2cw7PTXWWRug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MKoDHwCV7WoAMhm0AAIctAA61OYARls0AbFrNAGodTQBm3g0ATl6NAH0ejQBEHs0Aa97NAG8ezQB7Hs0AU58NAGBfDQBgnw0AbB8NAGxfDQB2Hw0AQB9NAEWfTQBGH00AR99NAE4fTQBRH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAY4T2gGvHVwCWB5cAtseXAKy94gCJfuIAnhAqgInQqoCKEKqAg9WqgJchqoC2Y6qAoCbqgKBm6oCgpuqAqKoqgK4sKoC7cCqAqbaqgJV3qoCR-CqAqDlqgIP8aoCBfSqAov0qgKX9KoC9PWqAmL4qgJ8-aoCJvuqAkH7qgIm_6oCPv-qAucBqwKoAqsC9gWrAmsGqwJ-BqsCxAmrAosMqwI8DasChxGrAkYTqwJpE6sC2xarAoUXqwKnF6sCAxmrAmYaqwJ8GqsCgRqrAmIcqwL2HKsClh2rAl0eqwKgHqsCAh-rAsIgqwLHIKsCZiGrAhMiqwIKI6sCDCOrAqwjqwIvJKsCoSSrAoUlqwL-JasCByirAjYoqwJgKKsCcSirAvEoqwL3KasCcCqrAiLtBQPWJhAD9XQkBOyzxQUjrfsSPbX7EnDM-xKv7_sSsfr7Egj9-xJTAPwS5wD8EmYB_BLuAfwS9AH8EmQC_BKZouoUnMscGEBAoxj4VmsaKyL6Qg&awbid_c=AKAmf-D_cLxnNUlNkLQ04SYjZ8uSCGWy9n11e3J2Whyka8VmP7GrakNwQMDeXBQotY8_pXwODzVv3PPENyVVcMG8Tc3S8MNaas0D_XywurqG--yhTQKspSVM8g7dcCGe9OseFsH62Z8rVF5mNs4bjiSrj0QFGbpbFJ7ZzQ-Gi5iaa9F8PuUrpxY&awbid_d=AKAmf-Arejj154C_CxvAVvh51UfYThNuQ7s930AWF_zHjJViRSRXgJ_ylxtQVBENabbkbfxiMKPNv-u4xpoZmnPiNTivOkjb6Ddvd-p0tgWhLZOCzraSSVnFXFGD-TC1EkNzmJkOT6HJ6u4JSy2wqz8TXlCTPa5Npw0DIDT9zN6e-ACVghgLSQQ0skDZsp-WzAqsp_uZwFyZ1EnaBOPJwvkJp4jjeoejIKQn2JPld1N5G9nOnZDq1W0IHoaB6b66rJXLgyJYT7fShAUQszZXVc0nn6xl5BeY7RRUShtjxcSFfD5Iqb6Ex4xEdbUJnAfji6XBp9wWXWOwpETbGH6noUDAp7FN4XLGfHrDk31xWpUvc8c8mpiLlK5j9mhC_gz04v1eXC17JOjm-vizt-N-6Nxks5tNQ6ygeEUj60-h7WL89GiX5LbaTFZUE7NGLuepLJtY2efnD8IDtzoei9QRJ0vNNBmQOYx9rDG9fK6qnlfFb5KRz6afFizBkdwjF0sxjRcNEtqbszQL75wH6vrkJ5bf4GwJ0CGdmtcFyZVIHlDRFTl2DYCPp-35TPkp8KPBw3HeCQEKR3pHVoYZdwUq42WT3yRawXYHU4QiAq3Iqmy3SYHMGxzFx4qiyclbW4nx25nzw1be21Q2lJnKi79T7po36OJc-SzVuX5X1CdPadvN7ow2JjBgJnEu_PATauGHEWl9HAffifwto-AQGIRdyQO_1omObI-dHRNjwv_4XgRJTaNVT8aqL-NnZv5dn7QKLRJL0EG9jg_3yQSUeJeQj3JO_7Xn0BhtkMDG4K9zCFGXf1F8PCkTAp8&cid=CAASBORo9jg&exk=180336296&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjwwAAAACgcZLUuDjYcStin0VT4i1AqQeA8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
truncated
/ Frame 3B4C 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d6876fcddefb0140cc1c86bb6f9d8b3f437b46090d4e0e7d103a3e8c93e20c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
admin-ajax.php
siakapkeli.my/wp-admin/ 		1 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siakapkeli.my/wp-admin/admin-ajax.php
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
via
1.1 varnish (Varnish/5.2)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
MISS
content-type
text/html; charset=UTF-8
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2ZoahCkIYjF7WgzvK%2FSMR3XjfRTECg8gUWgZAVsOb8DmZcTolIXJhR2l2hmuPYI6yDfUXamznfDHlJ8InC2H2nGIKfmDswjBHZYgHnbra7E4Y%2FKWoFaOaYeV1wrUC%2B2mzkNPTYvXyv9%2BEDi"}],"group":"cf-nel","max_age":604800}
x-varnish
21735046
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7424f72c4de1b92d-AMS
expires
Wed, 11 Jan 1984 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9BF7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my&bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AC93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFIIbxKMMY_uGDeuTjuwP3YCcyAGeoaGuXKH56P6fA8CNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGnypCnA8gBCeACAKgDAaoE5wJP0KcpJgPwN6v03grVIBtUTK-ddMVNKPzAN2Zlte70gxIoemzaX5wiasEndDQgPFl_ixoT-c6wIy-W_i_Ef6x6SvydPS3M0L1pJBGETQwnZM18ypfHu3ZV0AHnCFkJx9VQvCFRlxzToB9gWMk8cTAHoFn0o7ATqLFDW6xYw_VuN7pYFevHUHQXEBBfbVTTm8O2aZXmctePfgYs6ojv9h3wlXHz0Tx5IpiDh4raKscZaqv27kqCyq43Sjf_Oa1RwJMSx81j7NbCupETbeLOeX0iJ80zu1XlZ2frFvGSwXDqo0UtmsYyKKh7BJwKSVvoOLzrDRvkAUhJd7hjt4PR73ZHLme-I7PJLFo7DzlmRx-UXn2jb3ligGElTqMpnXbtEuKWKdm9qck6oHU-EYpGFUZsN4E3Y0YqmNKrhnWzk6IArKS-pW44BK3N8PUes_NLlKFNg4GQYtXlyq3wMY1Dj3DTSivyIhCA7uAEAYAG3-_98rXGxvkToAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzg3Mjc0ODY0MjE3MDI3MYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=WTgQ_b0iVDs&uach_m=[UACH]&cid=CAQSOwCsnQUxy8rJawphXdoTs-MOnYAyZqPc3wqnbUuHJybCbzA5vEHMOCstkeVISp2-7LhFA3bUqDpVcS7SGAE
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
adfetch
googleads.g.doubleclick.net/pagead/ Frame E26B 		123 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Requested by
Host: siakapkeli.my
URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bb7848d31f0adbf0b556fdea153b4e118eb60c3a768896c9dbd7518bef1b3b8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLu2me_56_kCFa8e0wody5wO6Q&gqi=xKMMY9DpIu6S7_UPm9Kt4Aw&layout=/sadbundle/%24csp%253Der3%24/17621850321678087786/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
43837
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLu2me_56_kCFa8e0wody5wO6Q&gqi=xKMMY9DpIu6S7_UPm9Kt4Aw&layout=/sadbundle/%24csp%253Der3%24/17621850321678087786/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame AC93 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3151
x-xss-protection
0
server
cafe
etag
3095951791532391640
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 12:30:23 GMT
v1
a2171.casalemedia.com/impression/ Frame AC93 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a2171.casalemedia.com/impression/v1?bidID=9d9365a2-4386-460a-a702-f93e7317bf5b&traceID=cc6a7h3ffn4pv4oh70rg&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1661773340&ap=YwyjxAADQ3sHg4nrAAcAXUTLADUips6pZfiPIw&siteID=341462&creativeID=880b50&pubID=189149&format=banner&channel=site
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.202 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:20 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC93 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-BIYvvSSWF1DvctZ7Imr2enrCA0vfSi90Xtl3QeuDxTAtctVG8EQf2q-6OU6Y8us3t6WtSCk_0gWXwCY5CFtdg5tu88Uw&pr=13:YwyjxAAAAABiq5K-8to1RvzcVOuktm_L5PmTwg
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame AC93 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:17:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC93 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame AC93 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:16:09 GMT
l
www.google.com/ads/measurement/ Frame AC93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7n8XpqfDN_AZOC0NNxFlsnD5mfvy3P4otGcS9TvTRB29wgjd4OrvjLOqSknxYX-KFXJ0htCl7vpW4CdNpEVdmeuYXbw
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AC93 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 09:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 09:18:57 GMT
dcm
s.amazon-adsystem.com/ Frame A201
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6JSVE1MCT1W5YPTTGDNV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NY4EGRVQY2W0MWQR64DD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A201 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A201 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A201
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwyjxHvekt9.CuDihv-SaAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK44Re4aZB3e-AWdxQqJrsc&google_cver=1&gdpr=1&google_hm=2
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK44Re4aZB3e-AWdxQqJrsc&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f72e3abc0b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fx24bp6EpTRjhtzCfz3uhCh6B2ez82vrrWXpkkFwlGMQJ7NWZ4ZGk8Wno1izczNAnIUAVj42rZbpELL9x2abLyWYjwIzuWPlAxR7FLiYCWdEo3Ul61jRwxYM4F6MT2Wf8lUKF1ryL%2FhSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK44Re4aZB3e-AWdxQqJrsc&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A201
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=59ab621e-4d93-4fec-94b6-ecdb6acf403c
43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=59ab621e-4d93-4fec-94b6-ecdb6acf403c
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f72e0a9c0b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKJnAXAw2ypwCBrGEoxAvnRQGTTPF9BQgGyKgyp41ShvYUo353EyilcjWAOdT5w5HyxL8izPGnguBQwKBZ97pBGJpamYa2hSaQWadBOY9XrUCGgqlrhCVoveIZcXDvaIXO9yJsv4pzBN%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=59ab621e-4d93-4fec-94b6-ecdb6acf403c
date
Mon, 29 Aug 2022 11:32:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
YwyjxHvekt9-CuDihv_SaAAABKAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A201 		43 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwyjxHvekt9-CuDihv_SaAAABKAAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ebd:fba0:5325:a4e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame A201
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Jeuf3sguSql9mVOrMc7Dqx_MlpM
43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Jeuf3sguSql9mVOrMc7Dqx_MlpM
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f72f6be80b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuuhNNFN4l%2Fo%2FfaAjyIHoGfQPDiE%2FpoxI2oLizsVd5BEMuwycSJ%2Bmhc%2BvPSMHdoyZzGtUEO48zF7g%2Bs%2B3UACWjjPPjWrkrqRrIfJsqSSQaWkKLxLWwAC5riyRszZZLEHT2zHs7jMA6E8yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Jeuf3sguSql9mVOrMc7Dqx_MlpM
Date
Mon, 29 Aug 2022 11:32:20 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame A201
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d09230dc-6937-41ca-babf-0f0d6bba4b91
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d09230dc-6937-41ca-babf-0f0d6bba4b91
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f72f6bde0b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpRr%2B1xocB0NMgPgmxus0eQVgA33MgPR%2BK8ZMndMhqNTddBgP3QaWeQEQ7i%2BtqSIAI7tuzRsctoWWqaVXoCMpS4o62dMFFtCTJyxsVzFL%2FA4FnODiVPec2bqPR2loUJCSukVvtXzD2cmwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:20 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d09230dc-6937-41ca-babf-0f0d6bba4b91
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A201 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YwyjxHvekt9-CuDihv_SaAAABKAAAAAB?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 29 Aug 2022 11:32:20 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=638
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Aug 2022 11:42:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5949 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:04:35 GMT
expires
Tue, 29 Aug 2023 11:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4F2F 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1c132d90c6034289b0e2d3178e190ad5832dbf6f2bcb9f895345d80c3172a63
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fT-ieAq_yrrfSyEire4FIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-fT-ieAq_yrrfSyEire4FIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
expires
Mon, 29 Aug 2022 11:32:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame 8D55 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4586a8ff3624c10184b9bf2455417972690998d7cec5667a33c0e599814aa37

Request headers

Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7424f72d0ed1d0d1-AMS
content-encoding
br
content-type
text/html
date
Mon, 29 Aug 2022 11:32:20 GMT
dropped-udsids
46|88|206|3|4|176|57|90
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhvyC2dtikIi6sChqnRcrt%2B%2F%2FEpi%2FizgeKhTomD2VB0sGcHd7z0heHwtveOVzX%2FnreUIVkI%2BkpTKQ9Fb17xPB%2ByJXWPetltRRAWLUJHhJFHHxHVHV%2BKWeUc1I%2Bb2Wg%2FZ5q134aqcbrYTUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 28FC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
75616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 14:32:04 GMT
etag
48472445140208031
expires
Mon, 29 Aug 2022 14:32:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 9D86 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 20:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
227185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 20:25:55 GMT
6032.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/6032.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1273/6032.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cce90e944e79ff8a47eb85a04ab7d402cc873622cf6bf8cb1d2262a11cabf96

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 26 May 2022 16:08:53 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified
Sun, 01 May 2022 12:06:01 GMT
server
AmazonS3
age
8191408
etag
"677f8a9e006845cd7da362db1cbd05ee"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5845
x-amz-cf-id
cNBiqH7qcxjtdxQDeZgSbqrgdySdt1vihrhz4zVVnPX98hPj6KJAzQ==
truncated
/ Frame AC93 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80242ea050d1312e71e369791b2d23e5e1dbcdef20ea43d22fce11053141b7ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 28FC 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELUAtS3M4GDARdGu4li-U4Y&google_cver=1&google_push=AehlK4BVkL_jSqzeSeFHb1X79MexyYveexZD20oHAAkfhwQ8yX5HHhFQUwNY0qA3km3DxiSGuKA7rVI5TysZTqVQMnJqxzci2zk
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 28FC 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOTpP8t3CdE0XcVhzNNjwIQ&google_cver=1&google_push=AehlK4Ddm9ndr6NNeabpvD7bCS65GQT1-YFmGYadzuEVxf6913H2-Mn1OAKzRWj407lGfH2Unynzl4Nj2pjeLRUS0HBkUFVNFLk
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 28FC
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOIUSaVxCeZWcMWmK5eFdlY&google_cver=1&google_push=AehlK4A29P_qmVmJk3PY1Q68myGkAxcSxbgP70rivDnGI5-wa15fBmaQkDlNYfDWz0-gYJDdVIO...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEOIUSaVxCeZWcMWmK5eFdlY&google_cver=1&google_push=AehlK4A29P_qmVmJk3PY1Q68myGkAxcSxbgP70rivDnGI5-wa15fBmaQkDlNYfDWz0-gYJDdVIO...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=kQOP05nBTBmO0Pfh5l-tQQ&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=kQOP05nBTBmO0Pfh5l-tQQ&gdpr=1&gdpr_consent=
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=kQOP05nBTBmO0Pfh5l-tQQ&gdpr=1&gdpr_consent=
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 28FC
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBTYtfGuLkxh7__hRjNNzWM&google_cver=1&google_push=AehlK4DruCeXi2C8ShUKVNIxXu1Ud3pN2X-53b-ckBr33sKAaPhCQKY-GE47-tlj8gmELtJZp8QJyVL3m78K3i7f...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oltKKsigTEyWip36jnzJgQ2&google_push=AehlK4DruCeXi2C8ShUKVNIxXu1Ud3pN2X-53b-ckBr33sKAaPhCQKY-GE47-tlj8gmELtJZp8QJyVL3m78K3i7fCbctFmfDeUI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oltKKsigTEyWip36jnzJgQ2&google_push=AehlK4DruCeXi2C8ShUKVNIxXu1Ud3pN2X-53b-ckBr33sKAaPhCQKY-GE47-tlj8gmELtJZp8QJyVL3m78K3i7fCbctFmfDeUI
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Aug 2022 11:32:20 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oltKKsigTEyWip36jnzJgQ2&google_push=AehlK4DruCeXi2C8ShUKVNIxXu1Ud3pN2X-53b-ckBr33sKAaPhCQKY-GE47-tlj8gmELtJZp8QJyVL3m78K3i7fCbctFmfDeUI
x-host
tde-deliveryengine-production-67bf548659-zf854
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 28FC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMgsueWREo4nqYiRQvWnO2w&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsueWREo4nqYiRQvWnO2w&google_hm=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&google_nid=index&google_push=AehlK4C61s9XicAn_yfZkU3R1oNt9JUX9Qipx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsueWREo4nqYiRQvWnO2w&google_hm=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&google_nid=index&google_push=AehlK4C61s9XicAn_yfZkU3R1oNt9JUX9Qipxz-y-QogQaRGbicWFkbWTL5UY57VDYFMAQ5gXVq1Km4K6NModQGPFsZnRCK6HR8
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

cf-ray
7424f72d9846d0d1-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCH6XCkUXCUiRLJksJe%2B32M%2FGV9SgfVwyAfINSrWRsggSyARt87NPtfSlcZNxJUFmx%2B088AIFH4LpZ7F8bKJAXLt4RR3IrElJ9l4d7wsvWFvcky781SKohOs0QRFhETUHt7Qxg%2Bn2K4ZXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsueWREo4nqYiRQvWnO2w&google_hm=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&google_nid=index&google_push=AehlK4C61s9XicAn_yfZkU3R1oNt9JUX9Qipxz-y-QogQaRGbicWFkbWTL5UY57VDYFMAQ5gXVq1Km4K6NModQGPFsZnRCK6HR8
cache-control
no-cache
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
pixel
cm.g.doubleclick.net/ Frame 28FC
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDJOnQ7-sRBcoQZEosOSYKk&google_cver=1&google_push=AehlK4BgQD6fqKlfo1jNdDgwPKZcibZ9YmUBL_mdmSWFqtMsMPIjyuWHrEbyne2kfaTmCkyynwYKBpYlViJXwj1A...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4BgQD6fqKlfo1jNdDgwPKZcibZ9YmUBL_mdmSWFqtMsMPIjyuWHrEbyne2kfaTmCkyynwYKBpYlViJXwj1AmJ9t2Xi5VKU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4BgQD6fqKlfo1jNdDgwPKZcibZ9YmUBL_mdmSWFqtMsMPIjyuWHrEbyne2kfaTmCkyynwYKBpYlViJXwj1AmJ9t2Xi5VKU
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 29 Aug 2022 11:32:20 GMT
via
1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4BgQD6fqKlfo1jNdDgwPKZcibZ9YmUBL_mdmSWFqtMsMPIjyuWHrEbyne2kfaTmCkyynwYKBpYlViJXwj1AmJ9t2Xi5VKU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
LwpxZp8JyqNs5mo1uAwsM6dNrrj6Mye-d9BbMXGZMRJ5M1i2sfi8TA==
um
sync.teads.tv/ Frame 28FC 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJDVm55_DgfmBfaTaNRZDK8&google_cver=1&google_push=AehlK4C6kzfPNh0a9TQJ06pFVpHEO3hwU3O7Qz1xqQwW-0iyx4-x8PxgumJiIMMabhvuSsEj32OUmknLEWbXhrwozdfTMCPte5k
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Aug 2022 11:32:20 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 28FC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3WihDtX-XmjvwpnCwGWx2dVUklx8D-rXATyEfhhDNFE79MAGdkIjqK7up_zyj4NhtOFhkuw
Requested by
Host: 051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
URL: https://051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame AB23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgEjU14WNFpFBe9FG_VUSrsf0eDhgqBGUOF2x9s9VoK2_genx2tl-NloNh5bUgPm_so3cLuMWpaE9AOPThu-N9fE3IzGzqKG3DbHVD5Xqq_v4eJTsY_CnEPM9-8DBhUmeeVQf7qR_HNF-TVsNi-qr2sPfMdrxGPrqRtbWl-wm4x_fznlUaWGHJUcJlMPR6VxF3_c7tdlZHOJffef5hxYVSgOxyY1Fped9cPa1wCaYffeEPDD7kEX9qT0xXklJNwmofNc7MRgdax0SAZt4I5nep0gUFlhK5P7lQ0JyGdrswoSaibUacrfXS1I0pZGsj2xSDJ2LZpnc-Z9NjOukOXC3RKOxRg5mAJ3MgVo0rA_0iEg&sai=AMfl-YTwR7cCzjn642asH3Dcn8EEqHGbU_k0OuI1mcVv-ZyjK7U6xphLnWmRCSVUSS7ti6j4y_7VCE5380SNI-P7fkJ2Qlxihewt9o8SGPpp4UdTl_zkB6kHkZHtpEZZnQ&sig=Cg0ArKJSzGI5lpQ8fPvpEAE&id=lidar2&mcvt=1049&p=1157,1599,1158,1600&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20220824&bin=7&avms=nio&bs=1600,1200&mc=1.08&vu=1&app=0&itpl=19&adk=1271496268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661772739469&rpt=195&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 8D55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 8D55
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YwyjxQADPum7lABN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwyjxQADPum7lABN&gdpr=1&_test=YwyjxQADPum7lABN
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwyjxQADPum7lABN&gdpr=1&_test=YwyjxQADPum7lABN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f730ad360b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdDiTRmUxrKau%2BGqs4R9GUiPo5DkW2I9zy8TGMji92%2FXPtrnpbD49o6EfU5w1DpYhBjQ%2FEcKrVUuHRI9A%2FY4jHLIYhEBsW855jOxUX1bav%2FEAVjQjq5TLXMqVktLdiaqiej%2F71pdquwpUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661772741.161722,VS0,VE0
x-served-by
cache-ewr18144-EWR
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwyjxQADPum7lABN&gdpr=1&_test=YwyjxQADPum7lABN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 8D55 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwyjxHvekt9-CuDihv_SaAAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 8D55
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f09630c-a3c5-4000-bcee-f2b38edcbf7c&gdpr=1&gdpr_consent=
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f09630c-a3c5-4000-bcee-f2b38edcbf7c&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f733e90b0b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y45jOD3Vx%2FcdmzNHJ%2F1uQgKOjxncighuFzQX7Emk3ZoHcKJHDePJ0PccCHrdb4HMgopA1G0KUdsF4Pxq0Enav%2BO6V0%2FvOeMXu1wCEwHX5tnJvKN3AVUVfiXd3urxHN%2FRp8hZN7RJIRptww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 29 Aug 2022 11:32:21 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f09630c-a3c5-4000-bcee-f2b38edcbf7c&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 29 Aug 2022 11:32:20 GMT
rum
dsum-sec.casalemedia.com/ Frame 8D55
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3710702394994080249
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3710702394994080249
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f72e7b0b0b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCvHeK0AZn5sRhrlvNLCiDg1APqkE0SxPATvRlX0I8w9kQXnrusGBkxjhzF3l4xrqc0es3%2BaziZlMiux2e47ijgrib9nF6z5SDZxFJ2IyutdbVix1ADYtIyZIMss8TfxrBlqSbymXFzXUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3710702394994080249
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
113
match.deepintent.com/usersync/ Frame 8D55 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame 8D55
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322937487899
43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322937487899
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f72eeb720b53-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sb%2B9N%2BtQudyVRmtUAz36IE6QSM2NBtuA5sYJQgBR%2BkbqDAsMkVkSo%2Fs8ru52FAdrnT4AGt9ar%2BeDjOlF%2BrLJJPK%2BDQe0ZZ%2B2VQVxHnmxATg%2BzIrHpZ5hCjs%2FPmAd9omNMyG7bWTvJSBZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322937487899
Date
Mon, 29 Aug 2022 11:32:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
no_match_opted_out
um.simpli.fi/ Frame 8D55
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Aug 2022 11:32:20 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 29 Aug 2022 11:32:20 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 28 Aug 2022 11:32:20 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8D55 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YwyjxHvekt9-CuDihv_SaAAABKAAAAAB?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 29 Aug 2022 11:32:20 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=638
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Aug 2022 11:42:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=1679003771417929&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/ Frame 0505 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12920bb26cb0b7714c05bd4996b30d5991d5878e4daa8718a278ba37e3a0cc7c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
136474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3957
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 21:37:46 GMT
expires
Sun, 27 Aug 2023 21:37:46 GMT
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame E26B 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiXzMxKMMY-POEfDIzAaM87-gA9vFx_1rzN_-24cQg7f0_QgQASC35YQhYJGEoIWMGKABq9rYuwLIAQmpAlSpVcL8t7A-qAMByANIqgS6Ak_QGoxYcD1708JqCWFsW4PjKFM04xlyCC5_nPSKu1jGekG5vuP6q9BAsxThLb2ZSpbx2qofzOYdZdqoA2-zsRGGJidBZRQ_QGr9W9SyYFpMBMV9CNIQq_VUViuXqradBd5F3lqm5CsjUX9rnZcMUYzpjK59eVY0nMaXoi8ZP1a3Ds4Rl6IC1jMPB2pNY-u3tUvHT-XpSX_0AIZ4VM4BVT8PtsnTdrl5XGQJS0elGCRYKfVsUWqA_zjd9IiMNNq6uOCWg-JeNUKPTjWKV0J1-99tyJthlCteeDqYjSnXovTuYsFtvdRW9Hihn__I6q90Uy-R1r3HY7TY6ysP7zcR5MSFr7Pw7w3B26xlsisy5YjPBX0bfdPOvgEbSnHGXDngiSox_mpe20iwxD25crTua7IqjHxRyRDL4R3dwATI3pisiwSSBQQIBBgBkgUECAUYBKAGLoAHvaWnxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHANIIEQiA4YAQEAEYADICqgI6AoBA8ggNYmlkZGVyLTM0MTQ2MoAKBMgLAdgTDdAVAYAXAbIXCAoGCAASABgA&sigh=OyA6gFdKjd8&uach_m=[UACH]&pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw&template_id=419&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 29 Aug 2022 11:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame E26B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:13:47 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 5949 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 20:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
227185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 20:25:55 GMT
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1273&wid=6032&cb=2074.102784137044&pid=4168&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F08%2F29%2Fsaya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid%2F
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/6032.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-49.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f4ca23efbb5675de2d852f470890e0d779e7be9bb9ce7ee1b1002ac115d3391a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:21 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://siakapkeli.my
access-control-allow-credentials
true
x-amz-cf-id
HrS57vq4KRfbyY4iw5YliWX8mwz62IKlDC2bTMPTpCITA-kw7x_C4g==
via
1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0505 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 29 Aug 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0505 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 30 Aug 2022 05:09:09 GMT
c4a44e818f05de04acb36686c132ba43.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/ Frame 0505 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92ac78bb63f8fe3d36033c918b8a027e1bb3f2a285739a6c8b4b2c363179a8a9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26161
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4292 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 29 Aug 2022 10:39:19 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E26B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1431
x-xss-protection
0
server
cafe
etag
17826921741551292351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:24:00 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E26B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10270
x-xss-protection
0
server
cafe
etag
538911934249463863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 11:23:22 GMT
7321b905f8aeae9f30dcb036328ac6bb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 0505 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/7321b905f8aeae9f30dcb036328ac6bb.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e101dba70583875d7b02a9f69c5849db15d5fcbc609ad5a80b9835ee73a0d9c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2586
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
7631be8b2082f94b8b62ea27e05d4ed9.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 0505 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/7631be8b2082f94b8b62ea27e05d4ed9.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b4f0cea19b48f7dcf4bb6b36d97969942927e2ca2f61958646e5e68585e930f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3000
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
06ce5424df3bd162cfdf32902459520c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 0505 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/06ce5424df3bd162cfdf32902459520c.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0fc0e495c936ef8854651382a5f9af6832bc3bc7814047226f34ba79489861
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17406
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
223a0dc9c87870bbc98979bb36f36662.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 0505 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/223a0dc9c87870bbc98979bb36f36662.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55f1e96c2c7fc4bd9d9c8cd43f656fb17132a03c1eaf0978c14146287e09671
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1762
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
54bf5fda2ea68596d316f92c0ab6681f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/ Frame 0505 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/media/54bf5fda2ea68596d316f92c0ab6681f.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02279a092440015a227a4ff51563238b15bee4c9aea55fc03de78e288db886d6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
136473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4480
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 11:24:08 GMT
server
sffe
date
Sat, 27 Aug 2022 21:37:47 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 21:37:47 GMT
css
fonts.googleapis.com/ Frame 0505 		2 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17621850321678087786/c4a44e818f05de04acb36686c132ba43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91292b9cdf7a8015c10adc80a9b225e6d4f4342d2c2dfc58c3fe3f73fa245328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 11:15:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 11:32:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 11:32:20 GMT
l
www.google.com/ads/measurement/ Frame E26B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLyMPFAhFGpayWJnw_5X8oBW3wgXx6OrWt_Cv8xCQvvippTvsXNNwIJVbgZeWV0Awsklm_jLe69XPnKrBtwi_Yd4YBhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E26B 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 11:32:20 GMT
truncated
/ Frame E26B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
690752537edc9cf0d88a8f361f84aef0d551bc7a753bfde17715ffb829abfb8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4292
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2a00:1630:2::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid&sub_client=bidder-341462&aceid=MDasFQCqAx8Amha0APpYNAFGWzQB4mA0Aad1NAGbeDQBOXo0AWp6NAH0ejQBvHs0Aex7NAFOfDQBgXw0AYJ8NAGwfDQBsXw0Adh8NAEAfTQBFn00ARh9NAEffTQBOH00AUt9NAFSfTQBV300AWF9NAFlfTQBaX00AXx9NAGAfTQBg300AYZ9NAFLc0EBU3NBAXUQ2gH8ENoBjhPaAekdXAJYHlwC0B5cAtseXAJI-4gCafuIAidCqgIoQqoCfWKqAhRxqgLPeqoCXIaqAoCbqgKBm6oCgpuqAqKoqgLHtaoClriqAu7AqgIswaoCnceqAkjMqgJw0qoCVd6qAqDlqgJ08qoCl_SqAvT1qgJZ-KoCB_uqAib7qgJC-6oC9wCrAqsFqwL2BasCJAarArIHqwJIDKsCuwyrAjkRqwJmEqsCuBOrAmgWqwIDGasCcxmrAqwZqwJjHKsCuRyrAlIeqwJZHqsCXB6rAoIeqwKgHqsCRiCrAsIgqwI5IasCZiGrAokhqwKiIasCNSSrAn0kqwKeJKsCciWrAkwnqwKbJ6sCDiirAnEoqwL-KKsCFCmrAhYpqwJpKasCsimrAsApqwLvKasCDyqrAlQqqwJ_KqsC3CqrAhQrqwLmK6sC47PFBew2oAytzmUOzKE1EdCT-xJZtfsSU8r7EmL--xKY__sSVAD8EucA_BJPAfwSZAH8ErgB_BI2AvwSTwL8Eulb0BNbn-oU-FZrGjxJ-kLotb1p&awbid_c=AKAmf-DYWHl7rwcBuRynaovdR2x2Y2Uxqhubr9aGkOxbHzqAV2Ytv_TigiEdxz1GmQtlPA5LsCjJJqiQ44-0OVUvx_ddGw2DyuKA51TpEnrdUe331R2gX3xOWRfhr7AyckNxuNm5GexfWQ_j5ufzoq2P5iwuIZjzTgZvOeJaNbjceEQ3Mot-1IA&awbid_d=AKAmf-BvRxeq7TlEn65kDDtvsLj4AtqnDiso1TGIkgbxONyc8IJgnIXT62mh8JMNnNy_JKYO9j0w1oNcAKe4IDydjPp8yyczpKrXDNMBDEg2Sd2w0fXfpuNGJLDKdDGj6MG35LbGZJ6HY4luSxgDWO8GbIruoIyMchAw-53XycvuC3rdB_AWQcZu6eD_ow0gC3WAxVevbAwgNw7pZEkUYvMJZ7bQTTRZ9gevOfVrejZXzXBlq2c1-4qcObbJ3d7wmGHADye0chdKVdy9e8ZOp-phh7W3D8RdcGsGv6WTCGu73Q49t3OrDaBHWpvLI3Szb1QHvCnkorKl4WMlKz30uGvlEgOEV3BCywpo4-GyPn4VgQauJn5E_i44KPXERfOq-fCvv2dcQGzMnACToxEvqpmagPVQWK4hKDPt2Z6Iszp1n1xezcyOiCYWmXt7t_UCHyxdR7kpk4ec_ybrUZ0t8dQu0zd3Rbyny-umJr0qBPZEgPBo2E5JH1FkRagFkFrClJ6_8rT45ZSmgljixvEFS5YUgo9VZlltoYecNq-1hdm5ygh4-HFM00lygyTSVcTTAujYmTrVqmKq22x_WiNBJFWdqJOmZS3u2KXxi6Up6ysg1bnamI_Z5UQN0b6ho88cK7HNtQshU8zKi204t6NpnekDDqIh2toatlfOPzaPKvoyteUXuu6Nq-3zgsLWL0nJKjmQxljLfBtEEb3KtW8NzOrJVkw3RHgk09c357OFH5SxKeDqJeJjzSEqZcO5Ao9YkGi_1l76lo2TscWFHM6CZwy1W2TWOkkhnboUPVfOcVXubuBhtdIN4Rk&cid=CAASBORoMiU&exk=1682835312&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YwyjxAAAAACZShAfdwF8at4OqgwpuoLz5iiNnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
expires
Mon, 29 Aug 2022 11:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 11:32:20 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 5949 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ph8r0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
fonts.gstatic.com/s/rubik/v21/ Frame 0505 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
449e0e19df5442ea97aab5b9a9dfb975ba6ab440f61b4643aed6dc6cba26cf9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 00:36:41 GMT
x-content-type-options
nosniff
age
557739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17288
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:20:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 00:36:41 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 0505 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 20:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
227186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 20:25:55 GMT
ins.js
s.trvdp.com/scripts/v5.765/ 		475 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.765/ins.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/6032.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0657bc4496d96c7f52c0dc94897ad3f909a2ddbe9ac9568d719c2aefb136041

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 13:04:28 GMT
content-encoding
br
last-modified
Wed, 27 Jul 2022 11:38:00 GMT
server
AmazonS3
age
2845674
etag
W/"63ce8648eb8c1582aa2f96deec2797e7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
-237lufo3aeD3HOoZcNcw-DLnvU0An1uvYI244ofMTJ9zzIVQkz3lg==
activeview
pagead2.googlesyndication.com/pcs/ Frame 9BF7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWCw0j1IiMgYvS1gYRuINyhR_xJ-wW7zXeYeI4IK_yPf3A-K_58Sm2dog-w_twiT73w-FnfA0noA3RZbkcUhhKhJ7ZbUll1czKRpiSGrtHXmj96CXG&sig=Cg0ArKJSzB00YvSnqzUmEAE&id=lidar2&mcvt=1001&p=606,1035,806,1335&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220824&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3069031006&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661772739688&rpt=681&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/score/ 		52 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=siakapkeli.my&l1=6032&l2=siakapkeli.my&l3=NL&l4=desktop&l5=5.765B&cb=0.4881665420770507
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.765/ins.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:21 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://siakapkeli.my
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
52
sodar
pagead2.googlesyndication.com/pagead/ Frame 9BF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=1679003771417929&bg=!FhWlFVHNAAYUOm8VNDo7ACkAdvg8WqPx1D_scsJAZybSmSq_tlVX89GMhekBycURBwopMAjD_HA6xQIAAACAUgAAAAJoAQcKAC1Y8HG8wWvoBNX0dpGfOAYM0GrYL0PJMy3YDv5KznXGoheDNSazDiw9qUARAgGZAuZBZVk5DyLLNLPnH6y40zwj8QspDri1PnPM1nUyeGm9j6DnTWQYEmGUV0DZ34uPbeRGc7f9Ah0YRkJqK_VO7A-dCIFl63NQCsHJc_db5Wwk2ZMAQR_FgJUcFfi4XSzzP7FybCxA1clHAu4IKuu3MzJDDvhelpr4AiOk6SMwzzQJ42RoBL6BdzDYEWXuTLeT7g-rKoZHAvJHN5fU9tr0745uz_oeJ331SYlLmRzMeBrSTQumRrTTk3ZR-SeOh7luANPtXy3y7aWpTT2oQ3JT3orIHIPbhfjAb068zipadNaSs0kKk2ina64EflJIaYl25LpJENFlS7ShHdsNEb8vryr-eq1u9YxFJ0N-YAtwnkV0TXkiK-AGw8nQmFrkV89zI5bOINChoAX0PZUH686KxrMCoqnNyOZ2z1QSxf8n6KErWRD4cd2PIgjIACNJkurqSasjCecz2IrliZBIpmZTBSGyWzls650WaWKBlkZk08l3XgsMpQw0ZYxf6LHA18rI72e3pvBpd2cOYPSMiNH--yThzna94du4sTkq2rE1ycGso4x3Qfn1hPQpC1RdGkYXfuWpBMSCFOl480rLjmFXDTIzxkWjHRRzlqya0Wa3th69h500QTsXDbFiVDhywLAhx9M-nunWn0l3qFy3sQOYxX7tRZwH3TX-nwuBtvvg3D7hFM0SjJRl8Axtc3kSjZ1VpcvjVCvYhE_bM2PVAPPeKxAPAd7o0GK_YBixP8aa6tD7xNvrewU4BkOrtWLXbd7ZZ56xDhQuUnZI2s30mvn8748NsmnAd6K0tgA7nNIYLBeHdWa_5TqPxlzQ3X8HIZKZEl8K11M3fIxqGcFyziuZBiTHCZxBdttfDvk2KJCMvQIRYBGl6Up3a_u0wEeHED2PcaFQL__n-NSpMZIu0rJ5tRvl7uQu-HaW_aNlwoCw2bjCPm6VLr31YpdIYS5D5NyyUdVe6nDd_2eivBQvTfk_HGcKR70GERih
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsiakapkeli.my%2F&domain=siakapkeli.my&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=fOG-73w2ckhpb1RBR2xyMCtiT1FodWdWZlB6ZUFlRXdkblNKQTE4d1hDbzhFNngzK2llU21RQTJVRkFHVXVRcmc4RE1KeXZHcitvelRDMVh6MUtPZkUzM3AxS05nOGEvUVhTRjdZTUlyWER1ZkpIbXcvYXlkNXFWY2hBbi...
406 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fOG-73w2ckhpb1RBR2xyMCtiT1FodWdWZlB6ZUFlRXdkblNKQTE4d1hDbzhFNngzK2llU21RQTJVRkFHVXVRcmc4RE1KeXZHcitvelRDMVh6MUtPZkUzM3AxS05nOGEvUVhTRjdZTUlyWER1ZkpIbXcvYXlkNXFWY2hBbisxUVJDNklRY0J4OU1LVmVhakFlckFRTDZ6czN4TmRCcFQvb0ZILzNHUnNqTHNoQVd2OXVvYS9XbW9VbkJ1Mms4UUZPUkQwYXY3V0pzdjFOZ2lNUTQ3dFEvTVR2OFJrVyt5VU9Lc2d3cFY2N0xVeXliTnFpS2Jpd2lobFprT3AxYStodkw2OWw3NXE3eFdGYk5rZkF2ZGVLVDlkOWwrQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5bae3e48c0a81c77951bbbc4f9bad7bdd41b622bdc3921932bf779e8dfacb076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3531
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:24 GMT
location
https://mug.criteo.com/sid?cpp=fOG-73w2ckhpb1RBR2xyMCtiT1FodWdWZlB6ZUFlRXdkblNKQTE4d1hDbzhFNngzK2llU21RQTJVRkFHVXVRcmc4RE1KeXZHcitvelRDMVh6MUtPZkUzM3AxS05nOGEvUVhTRjdZTUlyWER1ZkpIbXcvYXlkNXFWY2hBbisxUVJDNklRY0J4OU1LVmVhakFlckFRTDZ6czN4TmRCcFQvb0ZILzNHUnNqTHNoQVd2OXVvYS9XbW9VbkJ1Mms4UUZPUkQwYXY3V0pzdjFOZ2lNUTQ3dFEvTVR2OFJrVyt5VU9Lc2d3cFY2N0xVeXliTnFpS2Jpd2lobFprT3AxYStodkw2OWw3NXE3eFdGYk5rZkF2ZGVLVDlkOWwrQT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1612
content-length
541
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F27B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33279
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 29 Aug 2022 11:32:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 29 Aug 2022 20:47:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 1CE5 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 29 Aug 2022 11:32:25 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 6C70 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Aug 2022 11:32:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 086F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Aug 2022 11:32:25 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsiakapkeli.my%2F&domain=siakapkeli.my&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://siakapkeli.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://siakapkeli.my
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 29 Aug 2022 11:32:25 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1136
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8C6C 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 29 Aug 2022 11:32:25 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
check.html
biddr.brealtime.com/ Frame C060 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Age
4411
CF-Cache-Status
HIT
CF-RAY
7424f74a5d2bb7ac-AMS
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 29 Aug 2022 11:32:25 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Mon, 29 Aug 2022 12:32:25 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
Iq7vMYuwm6BBL5qb+Ik+o2Mbh4u6ayHk22WKgnyW6Lq00k39CQU7C6k+wB5cTTy8abx8KzUCGFE=
x-amz-request-id
W8VCG0XRFMNASQC5
async_usersync.html
acdn.adnxs.com/dmp/ Frame F25E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_28_16_19_22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://siakapkeli.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 29 Aug 2022 11:32:25 GMT
ETag
"623de86a-cf34"
Expires
Tue, 30 Aug 2022 11:32:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=7421493559337235145
0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=7421493559337235145
Protocol
H2
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=7421493559337235145
date
Mon, 29 Aug 2022 11:32:25 GMT
server
nginx
content-length
0
content-type
text/plain
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:25 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3946383378954944572
0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3946383378954944572
Protocol
H2
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:25 GMT
X-Proxy-Origin
31.204.150.147; 31.204.150.147; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
84f10786-9f9d-4797-a913-c511c8beb82f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3946383378954944572
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Df1d7de81-b823-4757-9d45-c83dbc65cf4...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=1f09630c-a3c5-4000-bcee-f2b38edcbf7c&expires=30&ssp=vidoomy&bsw_param=f1d7de81-b823-4757-9d45-c83dbc65cf4c&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f1d7de81-b823-4757-9d45-c83dbc65cf4c
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f1d7de81-b823-4757-9d45-c83dbc65cf4c
Protocol
H2
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:25 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f1d7de81-b823-4757-9d45-c83dbc65cf4c
Date
Mon, 29 Aug 2022 11:32:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-L1mYMMlE2uGME.JlkjWZV3TyjKvTC9LK8HRYcHA-~A&gdpr=0&gdpr_consent=
0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-L1mYMMlE2uGME.JlkjWZV3TyjKvTC9LK8HRYcHA-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://siakapkeli.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-L1mYMMlE2uGME.JlkjWZV3TyjKvTC9LK8HRYcHA-~A&gdpr=0&gdpr_consent=
date
Mon, 29 Aug 2022 11:32:25 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PugMaster
image6.pubmatic.com/AdServer/ Frame F27B 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75057412&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:25 GMT
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 0041 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2115e29f9d4ec594906b2d5ad075f1dae30f20e0d86d8913a34b1af807692aaf

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7424f74a1d2cd0d1-AMS
content-encoding
br
content-type
text/html
date
Mon, 29 Aug 2022 11:32:25 GMT
dropped-udsids
130|65|111|64|46|190|8|17
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUbN0BL5s4Iq6iNgwGCgDvMM3Od%2BXz4vV9XIVuQJwwXcefhCD6bjwXhgTgFvHsSu62xiyPMAPCF%2B58fMMZYzqY8l9VbXDVHAkkKAMHllh2XC43iBObUOPtPXMPu%2FfJsHe7T%2FXMpRZdOm%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fOG-73w2ckhpb1RBR2xyMCtiT1FodWdWZlB6ZUFlRXdkblNKQTE4d1hDbzhFNngzK2llU21RQTJVRkFHVXVRcmc4RE1KeXZHcitvelRDMVh6MUtPZkUzM3AxS05nOGEvUVhTRjdZTUlyWER1ZkpIbXcvYXlkNXFWY2hBbisxUVJDNklRY0J4OU1LVmVhakFlckFRTDZ6czN4TmRCcFQvb0ZILzNHUnNqTHNoQVd2OXVvYS9XbW9VbkJ1Mms4UUZPUkQwYXY3V0pzdjFOZ2lNUTQ3dFEvTVR2OFJrVyt5VU9Lc2d3cFY2N0xVeXliTnFpS2Jpd2lobFprT3AxYStodkw2OWw3NXE3eFdGYk5rZkF2ZGVLVDlkOWwrQT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 29 Aug 2022 11:32:25 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1069
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ie
match.prod.bidr.io/cookie-sync/ Frame 0041 		0
0
rum
dsum.casalemedia.com/ Frame 0041
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661859145&gdpr=1
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661859145&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7424f74f4945b7f1-AMS
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk6%2FkfajcXxw3OmMcaxQ6moh6T9%2FBbRolWDOqZdMRn2hvELVHaT4Yn8U2H1URJTTQ8keBJ%2BX2NesDJJaomiP3Ec7aZ%2FsFF4WyKN4BmVk4w857mjsifkIP2F2Ee4J6kdOAh3tikCC"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661859145&gdpr=1
pragma
no-cache
date
Mon, 29 Aug 2022 11:32:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame 0041 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0041 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:25 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
getuid
secure.adnxs.com/ Frame 0041 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame 0041 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
ix.gif
beacon.lynx.cognitivlabs.com/ Frame 0041 		0
0
/
b1sync.zemanta.com/usersync/index/ Frame 0041 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0041 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwyjxHvekt9.CuDihv-SaAAA%261184
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:32:26 GMT
cf-cache-status
HIT
age
16
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"761e21-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7424f74f483b426c-AMS
expires
Mon, 29 Aug 2022 15:32:26 GMT
usync.js
eus.rubiconproject.com/ Frame 086F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 11:32:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63224
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9377
Expires
Tue, 30 Aug 2022 05:06:09 GMT
async_usersync
ib.adnxs.com/ Frame F25E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Aug 2022 11:32:25 GMT
X-Proxy-Origin
31.204.150.147; 31.204.150.147; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3d8c2a6f-6870-4cbd-94bd-ece2503dffc1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
token
token.rubiconproject.com/ Frame 086F 		0
0
tap.php
pixel.rubiconproject.com/ Frame 086F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOxKaQWJ7S_QQik-CVdrpNg&google_cver=1
0
0
709414.gif
id.rlcdn.com/ Frame 086F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
dcm
aax-eu.amazon-adsystem.com/s/ Frame 086F 		0
0
rubicon
match.adsrvr.org/track/cmf/ Frame 086F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 11:32:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
token
token.rubiconproject.com/ Frame 086F 		0
0
token
token.rubiconproject.com/ Frame 086F 		0
0
dcm
s.amazon-adsystem.com/ Frame 086F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/ix.gif
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOxKaQWJ7S_QQik-CVdrpNg&google_cver=1
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| googletag object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| sas object| adloox_pubint object| anymindTS function| startAnymindTS object| PWT object| atspbjs object| ajax_tptn_tracker function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| gridlove_js_settings function| objectFitImages function| EventEmitter object| eventie function| docReady function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery object| ai_front function| b64e function| b64d number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active boolean| ai_tracking_finished boolean| ai_js_code function| ptag function| ai_process_lists function| ai_process_ip_addresses function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions object| adbro function| abdro_init_function object| Handlebars number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent boolean| sas_blockAddtlConsent object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd function| owpbjsChunk object| owpbjs object| ucTag object| OWT object| atspbjsChunk object| mnet object| Criteo object| GoogleGcLKhOms object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_128 object| Criteo_identitytag_128 function| lotameIsCompatible function| sync16589_c function| sync16589_d undefined| sync16589_e undefined| sync16589_f undefined| sync16589_g function| sync16589_h object| sync16589_j function| sync16589_k function| sync16589_l object| sync16589_ object| sync16589_la function| sync16589_a function| sync16589_b function| sync16589_i function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_aa function| sync16589_q function| sync16589_r function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_ba function| sync16589_ca function| sync16589_v function| sync16589_da function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_ea function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_fa function| sync16589_J function| sync16589_K function| sync16589_ga function| sync16589_ha function| sync16589_L function| sync16589_M function| sync16589_ia function| sync16589_ja function| sync16589_ka function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Z function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_4 function| sync16589_5 function| sync16589_ma function| sync16589_3 function| sync16589_7 function| sync16589_6 function| sync16589_na function| sync16589_8 function| sync16589_oa function| sync16589_9 function| sync16589_pa function| sync16589_$ function| sync16589_qa object| lotame_sync_16589 function| __esp_getUID2Async object| __uid2 object| pbjs object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_image_requests object| ai_check_data object| ai_cookie object| brWidgetInit object| truvid_protected function| arrive function| unbindArrive function| leave function| unbindLeave

44 Cookies

Domain/Path Name / Value
siakapkeli.my/ Name: PHPSESSID
Value: p1bo2kgvvs3s8opr8gk04qbhvo
.siakapkeli.my/ Name: _ga_XYKC64V3NY
Value: GS1.1.1661772736.1.0.1661772736.0.0.0
.siakapkeli.my/ Name: _ga
Value: GA1.2.612483709.1661772736
.siakapkeli.my/ Name: _gid
Value: GA1.2.1581468169.1661772736
.siakapkeli.my/ Name: _gat_gtag_UA_62716246_1
Value: 1
xhr.invl.co/ Name: AWSALBCORS
Value: EupEw8x+Gev0O5FXhAjvSatenFrp8kCgT91s5DVBonmuIM4Cr5GbgthTbs4P6h4+qbo5TM7yY9udGT2Kv09jesYzTw5S6tkCGmJXGVt0Vy102G11NfD/gONmc4n+
.siakapkeli.my/ Name: __cf_bm
Value: iABdpm69qImxrCnG1v5W70uOWm1j5.dUY8G8GYkv170-1661772737-0-AUXYBrIKn6m2DtZYbyP46nh7yDwhiFPuj9RHR5cJfBiskMLY9lyL48O77SdI9EppW1ypdz8tJeSm9+7s6QbN+jioYqUVPyKrFOCH7DIzplQWwugWu1tgAa4Gw1A1RbySjg==
siakapkeli.my/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.siakapkeli.my/ Name: _pubcid
Value: a6fdf1a4-46ad-4680-b157-7519cf9ad8f8
.rubiconproject.com/ Name: khaos
Value: L7EOKZ3I-1P-BYPS
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq/qa7QgBYfe+fhqFI7AU9U903mtsHdljCkG7c5wbH6XLOUeJTBrR4eLYZCvcXU+1w+YlvmjJDClTm05Xhm+qskudG7ymXM6VE=
.criteo.com/ Name: uid
Value: 7b388d58-b282-4a47-85ee-bc0c61298a0f
.openx.net/ Name: i
Value: 3ef8473c-f073-4d52-8b90-c03219c6c97c|1661772739
siakapkeli.my/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-29T11%3A32%3A19%22%7D
.siakapkeli.my/ Name: cto_bundle
Value: 0W6jK19GNUlmMU96eVRvQzRzWEFTNmY5SVU3bldwVjJCOHk2Y21KekkxdUpvMk1kYSUyQkV3Mk9yblV5R2RtaERFV0FaazJVVDJZZ2N0NmgzOVNQSTk0dVZtb3RaYkRhWkdmYWJSWSUyQm9mYm05UmM1akthQXNKSXd4TmF1JTJCSTNhRTdHNVlYY0h3a2tOUzdkNlNJdDZudjliajR2QkElM0QlM0Q
.siakapkeli.my/ Name: __gads
Value: ID=32b76a1cd0524d07-22b202f208ce00ff:T=1661772736:RT=1661772740:S=ALNI_MaqMgz8v7hKysWKuDFTZjlw3am-bw
.casalemedia.com/ Name: CMID
Value: YwyjxHvekt9.CuDihv-SaAAA
.casalemedia.com/ Name: CMPS
Value: 5134
.adfarm1.adition.com/ Name: UserID1
Value: 7137259571694532756
.simpli.fi/ Name: suid
Value: 90062ED350C34CFABC78B9CE39542BB5
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0a0fb0d3-b846-4f35-bc07-8edc7578332e-003%22%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7421493559337235145
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0a0fb0d3-b846-4f35-bc07-8edc7578332e-003%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMPRO
Value: 1184
.casalemedia.com/ Name: CMST
Value: YwyjxGMMo8QA
.casalemedia.com/ Name: CMRUM3
Value: 7b630ca3c405a0&ce630ca3c405a0&39630ca3c405a0&58630ca3c405a0&5a630ca3c405a0&b0630ca3c405a00&03630ca3c405a0&98630ca3c405a00&27630ca3c40b40&2d630ca3c405a0&04630ca3c405a0&49630ca3c405a0&2e630ca3c405a0&f1630ca3c405a0&0b630ca3c405a0&e6630ca3c42760
.yahoo.com/ Name: A3
Value: d=AQABBMSjDGMCEOwXKpNuzPFZEEqn9bPrt_AFEgEBAQH1DWMWYwAAAAAA_eMAAA&S=AQAAApSVqKoZZJsQHkghL7np_Lw
.blismedia.com/ Name: b
Value: 630CA3C4EBAEB649672762A3BLIS
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A25B4A2A-C8A0-4C4C-968A-9DFA8E7CC981%22%7D
.turn.com/ Name: uid
Value: 3710702394994080249
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MgIiS2NzEwtzC0tLIT5DXRNdwxLnvJKQ5MzkIgDTG4hpJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MgIiS2NzEwtzC0tLIT5DXRNdwxLnvJKQ5MzkIgDTG4hpJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZobm5kbmJgaWgBAPU4M3EQAAAA
.tidaltv.com/ Name: tidal_ttid
Value: 91038fd3-99c1-4c19-8ed0-f7e1e65fad41
.doubleclick.net/ Name: IDE
Value: AHWqTUk00hYU95a1JMSxkUP8tiW1uzJfYQvGN3C1oK-HTmsdTaL8oH2nmhNCEKBkM3U
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjIysTI0sgAAt+OjiQkAAAA="
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-25eb9fde-c82e-4aa9-7d99-53ab31cec3ab.N8wEDj%2FZng5WzLJE1dYoASjsW2F0Z8vB8%2F9%2BMRmfTlQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJeuf3sguSql9mVOrMc7Dqx_MlpM.0eDeLzrpLcyMXFmDpn9u7oqqXR2Y7MnRkSsJB1PhxwM
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YwyjxQADPum7lABN
.mathtag.com/ Name: uuid
Value: 1f09630c-a3c5-4000-bcee-f2b38edcbf7c
.casalemedia.com/ Name: CMTS
Value: 1213
data.ad-score.com/ Name: token
Value: VoVmZIUcBGtVP-c3l6-jEuehKeLffogI

11 Console Messages

Source Level URL
Text
other warning URL: https://siakapkeli.my/2022/08/29/saya-tolak-sumbangan-jika-tahu-sumbernya-daripada-aktiviti-haram-ahmad-zahid/(Line 289)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

051e4b394c7113b124ebc339d0be7e84.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.vidoomy.com
a2171.casalemedia.com
a300.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adasia-d.openx.net
adnetwork.adasiaholdings.com
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.nl
anymind360.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
biddr.brealtime.com
c1.adform.net
casale-match.dotomi.com
cdn.adbro.me
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ced.sascdn.com
cm.adform.net
cm.g.doubleclick.net
cnt.trvdp.com
d.vidoomy.com
data.ad-score.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg-apac.smartadserver.com
prod.uidapi.com
r.casalemedia.com
region1.google-analytics.com
s.ad.smaato.net
s.amazon-adsystem.com
s.trvdp.com
scontent-ams2-1.xx.fbcdn.net
scontent.xx.fbcdn.net
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
siakapkeli.my
sk-bucket.sgp1.cdn.digitaloceanspaces.com
sk-bucket.sgp1.digitaloceanspaces.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
tag.adbro.me
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
xhr.invl.co
aax-eu.amazon-adsystem.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
match.prod.bidr.io
pixel.rubiconproject.com
s.amazon-adsystem.com
token.rubiconproject.com
103.229.205.243
103.253.144.208
104.17.120.107
104.18.18.126
104.18.19.126
108.138.17.94
13.248.245.213
13.32.99.110
130.211.115.4
141.95.98.68
142.250.184.194
142.250.186.66
143.204.89.70
151.101.2.49
169.197.150.8
169.50.137.182
178.250.0.165
178.250.2.146
18.158.113.209
18.198.39.162
185.170.60.202
185.80.36.212
185.86.137.114
185.89.210.46
185.89.210.90
193.0.160.129
198.47.127.19
198.47.127.22
2.18.79.142
2.21.184.188
2.21.184.200
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.42
213.19.147.44
23.106.127.48
23.47.209.6
23.47.209.72
2600:9000:206e:5600:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::6816:30fd
2606:4700:10::ac43:266a
2606:4700::6811:180e
2606:4700::6812:c4c
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:801::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:12::1370
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:400::645
2a04:fa87:fffe::c000:4902
2a05:d018:24:b002:d4fc:f527:7aed:872f
2a05:d018:d29:3601:ebd:fba0:5325:a4e6
2a06:98c1:3121::c
3.12.169.211
3.122.40.23
3.126.56.137
3.65.55.62
34.102.146.192
34.107.148.139
34.120.107.143
34.95.81.168
34.96.105.8
35.190.0.66
35.244.159.8
35.244.174.68
35.71.131.137
37.157.3.28
37.157.6.242
51.89.9.251
52.204.37.210
52.214.46.176
52.222.214.49
52.222.236.18
52.46.155.104
52.54.46.88
52.76.118.250
54.200.17.135
54.72.151.170
66.155.71.25
85.114.159.93
92.123.9.160
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02279a092440015a227a4ff51563238b15bee4c9aea55fc03de78e288db886d6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
0ae51db89330e3d61d87364e57c605b15f457b5e7a13888ca8309f5cf0052d4e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
12920bb26cb0b7714c05bd4996b30d5991d5878e4daa8718a278ba37e3a0cc7c
13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37
145a4e4c52c420d17fbe52a2bb7112e297a92b36129c27e75817343dea28fd22
156a976781b5a5ed81641824f0b66adde9275436ac1872c5233f57c43e3c4612
170b6d52592297bdada87342ee813aba025c271da5c10de96e0d37512f306370
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b104d385dba883c61ff7c11eca00ac154430c42f2d62c98de1567b57d2d98e6
1c5508fec8820bbbe6cbcb8a88149a25ce5a80fbfaf362810b7850fa9c3cc3ad
202fd856715c95ea9c24a50ea4596400d512462a291d097ccb9655b4c7e51097
2115e29f9d4ec594906b2d5ad075f1dae30f20e0d86d8913a34b1af807692aaf
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
23f62d25e778f1cf1220aad8dd2a9155d195e9eeab8d706e3b8dd69533c3b13a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27b69cbd90055b356bd4c1c4432339df600f81af082c649f37eac83629b82141
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c78ca1838bdf90ab875f3e92e545069a827fd41f2301e00b570d033f86b1ced
2e816e393281d62da2dabe5afa2a1fa84b9305a037904f04546b3d00e17f8ab9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36d774c1165ee2038184e44bb698ade39c2341b3ee13045e3fd3de74251ab274
3ac59cc65518803816232b13dec7a4b7ca3be9c37264b6f06f3d4af132dc4670
3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
40db0eac9f4b63e38ed3224be256d302bc29476505422ba19a5920df374305a3
4150b55cfb32c46c189135772c9ac2e76f120eb9346168c16e94a0ad165cda1d
420aa7c1d96c4bec5287b97f5de519aed454b232b4fa2253cdab4eb5d081dc27
449e0e19df5442ea97aab5b9a9dfb975ba6ab440f61b4643aed6dc6cba26cf9c
483a4fdfc56fb9d51ab02fe709b7a4d353005f0662f6833785e1539cf39fee34
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a05bd5b7e6899c60dc8439d383c40d3676cee3182a64719396fddafb5a22cb5
4a8bbb47122a9c68f5b98358df4fb5523544174184af43b057c688ceedf16d38
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b4f0cea19b48f7dcf4bb6b36d97969942927e2ca2f61958646e5e68585e930f
5bae3e48c0a81c77951bbbc4f9bad7bdd41b622bdc3921932bf779e8dfacb076
5bb7848d31f0adbf0b556fdea153b4e118eb60c3a768896c9dbd7518bef1b3b8
5f1dbd128d2dbea474c6e9b5a16846cdecee00cfd8327c4f557ca0769e9656f0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624026baa34887bce2caf6feb629fb5472a4ccdab7fe3e6d9bda4fcaf5a47a22
63d24113f70ea575118a3a4c2ade73b15cc78dfd333d0de0671b1348f807d177
67f773b8165c40ef5268fc3fb8dafcde7d476050dab58d46e288da44c917a69c
690752537edc9cf0d88a8f361f84aef0d551bc7a753bfde17715ffb829abfb8a
693942041877e7d0f600685b0b637fc744e8198bd33082d40b476637865fa216
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cce90e944e79ff8a47eb85a04ab7d402cc873622cf6bf8cb1d2262a11cabf96
6cd169caaa5e5045647328ebe3c847acd6f40e0927c58a6a15c8baca72b4f8aa
6e03307e9c4699e6b0c40dea04b81b2fba77aa78eed2b33d314adfebd0c65ddb
6f2a35e0b9b2bb26f81bb61b409639bf7ec48ffa4e203f015a820157fb25b318
728f187d0488bda43367a6bee1f3ce789173952ce5d6d0ac663f612189dec182
72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e
72c0a71edbb9542e13bd1b95045d742d7acee3ce8f78aa51399f61cee7e492fb
77f198dd7335ff424de288c16a68b57a0bb8061a93566b8359597bacd692b9f9
79e87ff58df786f598669762a3135ffe896fbbf19e15e8a0efaebf59aeb30fe7
7ad0e4800287d61b6757e2e5f1929d3c2ea6900cd6b119a91db82a040b0020d8
7fde7329b15a4d1abee58ed40faf598a3469f02bb17d6889a235657ae84befa2
80242ea050d1312e71e369791b2d23e5e1dbcdef20ea43d22fce11053141b7ef
8141aa0e1fd2ea4751b1a809f41c2f544b37bcbbe156643aa031fbb76779e1a9
815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21
81683dd6e9edf61c6606f28fb7b7261b7b88ea30e286d0a132f63c5ff42a2678
81ebc5583a657ee756977210741840b379049078684628025c6f98a677076fca
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
85d00a0674f1d793ab72cffa9f5cd6563037f1ce8c9034a6893d11f98b34e329
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
899e3013266131f77f2ae98f1ee2caa78eeffd29d29d7d9466d29109b6007ff1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b9b11a7948d2d5dfedcb0f622b68945cedf9c74611237886ca5a3692b4688d0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5bf6072983b026d124a67a0e769c5c3eb591f53a4fc0f97dd2d1bb722649db
8ee6a829478761f158d239ceb4dd636ae4e703dc1970057c71628549d1de6d14
9041d8c49a0ec40b63b1607094ac92c06187e3391959074af149ea5c5f209ee0
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
91292b9cdf7a8015c10adc80a9b225e6d4f4342d2c2dfc58c3fe3f73fa245328
9188cd7d4776caa997d40ef5a74abf4908e84d55de744605a3b57e248b3d0117
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7
92ac78bb63f8fe3d36033c918b8a027e1bb3f2a285739a6c8b4b2c363179a8a9
93d6876fcddefb0140cc1c86bb6f9d8b3f437b46090d4e0e7d103a3e8c93e20c
9523c49b34773652c08493672083c5cc9ddc995b9b73a468d22a54a1efdbddc9
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
98fe30f382b2b529d1d163539c5a866718b38ddd778b704c8c4e84eeed9da15c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c086afdc97ea39653c629050f03b1d3c9fe6713ed42e0cea3b91e8a0a73c736
9d54849bd13f04e00c62235d9814a7cc4ba3fa644c1b1fc60af868a7f87c8dc4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ce3e0151c7d493420f17d3c06fd94839d414d655838e34c605ff993c4d3cfd
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5769109d19889439c30927860fa1ea6aa23b9a2b443bf69dcadb816743a38ce
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
aea339c0379bdf6d66bbcd1f7671373468be82cbae34169aaebda9503ae8ad0f
b115cccf8f40a47e153fbd79f4cb18488f4cc952ccb40881f120e5f21dd39a63
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45b9497d3293b6ba6b18bdb7222f1981cb5b75fe75a09adc80154f03218440b
b4600adad31dc74c34a23d15f3deb3e35a40e0588e354289c01b4429865e222d
b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163
b8cd6a935771c335b708ce50bb07ff972f1e8d65185231435365bb0a66062411
b96809c7445a71d16a77253355bf0849dd747766305640346feda972c466aa93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd83261bfe235268f3a2ba07af32fbc3128697ba75174d68c97d029204cbd912
bdce95953cb206deb3f32cbf2ef8148488d546fc0d17546d765b1ca70ec6e444
bf0fc0e495c936ef8854651382a5f9af6832bc3bc7814047226f34ba79489861
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1a54f94514b436a4d9e913a18e241a46e58301a496ea8496fe91b1e20c84e6b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c272c6ddd4f70ef6328798da8aaf081a33636682bf89e555bbbd9251e15ddbd4
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c55f1e96c2c7fc4bd9d9c8cd43f656fb17132a03c1eaf0978c14146287e09671
c717b7d2f4dd07636fa38bf546ea63905199004a8bc89e53ca27cf0f3a19cba5
c748d1a4678726f8a025454dfded8489d97e9a5269eb10123d1f5b8ab6890e4e
c75ffba8a58ef25be5cf6f7e1e6ac9bb55db8f058b93526203b9d97fd445f591
c7fa0824f1610582bda428574e4e78c9d295db61644a4e80ce5eaa414566036f
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
c9cb18ea76b5dbd40e8824323035c63266c389b046c785dfc12451c1043699f3
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
d02b2816156c0b65f812c399f986ff60c44d1de45efc634ed460e1cffb538315
d0657bc4496d96c7f52c0dc94897ad3f909a2ddbe9ac9568d719c2aefb136041
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b
d0dc0da1d79307dbaaa34e234f044e906e49cb4b3ccad5bc04afdc3cc8e81383
d261205cf1f286a5d6255461ac2332f0c24327323aa37cbabc04886411b2f9d2
d4b9284a97b56b07179f8876dcb58a12d6d381d67ec0c8eceb650af78d3328a1
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
db5c23bd3cbf5abddb3b4252e3777d9d38eb7cbcef8749da98e0a0a9040120d4
dbaa4a1ab66e5872add9c74745b043698d73ad92f01ea04abf1734e4bd611d53
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
ddb5f37e49e5bb129115dc56bf737c89b3a27770107d3c24abe60b2cec84460e
de196fa938446c7486bcecc14b72919df6f78871a4af22c4f168a2785a0139ff
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e101dba70583875d7b02a9f69c5849db15d5fcbc609ad5a80b9835ee73a0d9c1
e1517f6fa9990ebfbfb0adf264264c31f14f6cf44ad1dcfcfcfce805c42adbc5
e1c132d90c6034289b0e2d3178e190ad5832dbf6f2bcb9f895345d80c3172a63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1
e4d15ff27116f81096ffb8c4d0ee96805cf9fad3c4837847ea7f64ad96dad610
e55617270594cd6380118c8c85d2bb4af1db5a7cbe998a7cb6bf9dd9059b9d05
e97961c8293adfe343529b77e0a25a3035a6c009bc134f5532b473f3180709af
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f019c9125d6524165823a3f6e41921900a3fbb2d83789d661586f4e156b39a8e
f0dfa59d2d5b22de466062abeb088f91bd19db3d070ccf8d7549da7e05749e78
f0e50a930ba26959f6ea1a150132131255d537214eb745a0f7d47abab3297537
f4586a8ff3624c10184b9bf2455417972690998d7cec5667a33c0e599814aa37
f4ca23efbb5675de2d852f470890e0d779e7be9bb9ce7ee1b1002ac115d3391a
f6e4532edf56676eef680bc8e099667bbb926c4bfca1a57e8318b8f83fc58837
f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11
f976f171923cc1ae4aad0617193dfca0addd7f4211cee228a0fe2738c120e097
fa1a6d4bb65840edc7b4f73e3375396bcb77da51f4993295ae2000ddecfc60d4
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fd064d34f0dcc0443cc49b5f5ce493154c57a3b3b402935bbbe2d75c9599d7d7
fe4ab65ab82cc6ddedba1303167ee5ff1907b453b65efe73c4bd55e8ea896aea
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869