URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Submission: On December 06 via api from GB — Scanned from GB

Summary

This website contacted 107 IPs in 12 countries across 86 domains to perform 545 HTTP transactions. The main IP is 65.9.68.115, located in the United States and belonging to AMAZON-02, US. The main domain is www.thestar.com.my.
TLS certificate: Issued by Amazon on August 16th 2021. Valid for: a year.
This is the only time www.thestar.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 63 frames:

Primary Page: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Frame ID: DF0D9BC029255C76ED063A7F1A5E6F00
Requests: 289 HTTP requests in this frame


Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771123169,,
Frame ID: E55010591BBD29E3DA8EA3B9E14FFDA4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3ECCC08BC8BAE5C9D561C0FC646535B9
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: B9CBA9719B2EFAF095C9CFBC89BFB540
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: 3403AAD63996B7CAB0EE57928CEF1B43
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AsUOdrFD46YtLr4JN57cX72U
Frame ID: 26B46E96434266DD4EB605FADC98ECD7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DF014745E9B78335ADD99100AA77CDF6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: C58855F1843303AF2E04E0F49DEA952F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: FD13C48FF60C38A249D23EFABB0F3F46
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=37e80a71-60c0-4926-9e53-eee83481a070-tuct8a72f34&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 784BCB4335DE8B4E6662BE603039B378
Requests: 1 HTTP requests in this frame

Page Title

AP source: NSO Group spyware used to hack US State Department employees | The Star

Page Statistics

545 Requests
87 % HTTPS
35 % IPv6
86 Domains
149 Subdomains
107 IPs
12 Countries
6250 kB Transfer
17478 kB Size
95 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117
  • https://tag.adbro.me/tags/ptag.js HTTP 302
  • https://cdn.adbro.me/ptag.js
Request Chain 228
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035691&ns__t=1638771117100&ns_c=UTF-8&cv=3.5&c8=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1638771117100&ns_c=UTF-8&cv=3.5&c8=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&c9=
Request Chain 233
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 234
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=212998082.82339261619899167.58978 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=212998082.82339261619899167.58978 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=19cf3904-7da7-4e6a-9c07-027de25f2f9d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316262&expires=5&ssp=vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19cf3904-7da7-4e6a-9c07-027de25f2f9d
Request Chain 252
  • https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=6ab9acc7-565b-11ec-ac5a-19bfd3920506
Request Chain 349
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8091528906864552486
Request Chain 359
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8307701688978336294
Request Chain 366
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 368
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 369
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 389
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8091528906864552486
Request Chain 437
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2YzVjYjQ1OC01NjViLTExZWMtODRkMi0wNjM0YmQ3Mjg2YWE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFogK7CbAo308WSYV7zreDE&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFogK7CbAo308WSYV7zreDE&google_cver=1&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
Request Chain 438
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=Ya2psAAJ8VHN5gBG HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=Ya2psAAJ8VHN5gBG&_origin=0&gdpr=0&gdpr_consent=&_test=Ya2psAAJ8VHN5gBG HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=Ya2psAAJ8VHN5gBG&_origin=0&gdpr=0&gdpr_consent=&_test=Ya2psAAJ8VHN5gBG&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
Request Chain 439
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e285ef8b-5e81-4a7f-870d-b84e8a25eed6&_origin=1&gdpr=1&gdpr_consent=
Request Chain 444
  • https://c1.adform.net/serving/cookie/match?party=14&cid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
Request Chain 445
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=840177843997574231
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6nkI3F3OQWSQ4uDkX41vHg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 448
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b79461ad-a9b0-4300-aab3-5ca03af527c9
Request Chain 449
  • https://pixel.onaudience.com/?partner=214&mapped=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4c9710421393ae29e44292a43225ce3d
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE3OTA4REMtNURDRS00MTY0LTkwRTItRTBFNDVGOEQ2RjFF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnYXlLffKYajWQVTldrXSc&google_cver=1
Request Chain 453
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4bb461ad-a9b0-4000-bc07-3ef084bfca61&gdpr=0&gdpr_consent=
Request Chain 454
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6172238121245427292
Request Chain 455
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e285ef8b-5e81-4a7f-870d-b84e8a25eed6
Request Chain 456
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730653417264827476&gdpr=0&gdpr_consent=
Request Chain 457
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7mfPC7lvzF_1b5kM7zSDV7xvnVb1NJZYuW-3mTQE
Request Chain 468
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038468370331793563
Request Chain 469
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya2psAAJ8VHN5gBG&gdpr=0&gdpr_consent=
Request Chain 470
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFmZ2FVN0RXMU1BQUItdjZEQ1BMUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 471
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=33672461 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e285ef8b-5e81-4a7f-870d-b84e8a25eed6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0e81ab6f-b500-4832-a367-d889d89eb94e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-0e81ab6f-b500-4832-a367-d889d89eb94e-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0e81ab6f-b500-4832-a367-d889d89eb94e-003
Request Chain 472
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&addseg=11,34,40
Request Chain 473
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 475
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E HTTP 302
  • https://a.audrte.com/p
Request Chain 476
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-enpmg8NE2uXIUf6PabVEJVj3d2C9GUs-~A&gdpr=0&gdpr_consent=
Request Chain 478
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=19cf3904-7da7-4e6a-9c07-027de25f2f9d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkb9995cf5-30b2-4ee5-a9ef-72dad1ca4b52&expires=7&user_group=5&ssp=pubmatic&bsw_param=19cf3904-7da7-4e6a-9c07-027de25f2f9d HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19cf3904-7da7-4e6a-9c07-027de25f2f9d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 479
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8091528906864552486&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 481
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 503
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8091528906864552486
Request Chain 513
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=913190829&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=913190829&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=4375da3c-44ea-4d1e-903c-a11f231c48ae&a.is_yahoo=3&redirect_y=dHM9MTYzODc3MTEyMzM4Mi42ODQ4MTQ6YXBpZD1VUDZjNWNiNDU4LTU2NWItMTFlYy04NGQyLTA2MzRiZDcyODZhYTpyZXF1ZXN0X2lkPTQzNzVkYTNjLTQ0ZWEtNGQxZS05MDNjLWExMWYyMzFjNDhhZQ==
Request Chain 531
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 533
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AsUOdrFD46YtLr4JN57cX72U
Request Chain 537
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=37e80a71-60c0-4926-9e53-eee83481a070-tuct8a72f34&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 538
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2152235026 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
Request Chain 539
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e26dcc68-62b0-4c2f-b377-3b1eec83131c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 540
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

545 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
www.thestar.com.my/tech/tech-news/2021/12/06/
614 KB
172 KB
Document
General
Full URL
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8536bfd44d07e09e4ecc22ed8d9702397a7531cc791fc4016341fd062874681f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 06 Dec 2021 06:11:54 GMT
server
nginx
cache-control
no-cache, private
referrer-policy
no-referrer-when-downgrade
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
access-control-allow-origin
https://dev-smebizhub.starmediagroup.my
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
CILeCwVfRGZGLQ168tmXC3uKYVfRZN1Fqx9dqjg7nln2YxCSFOLXLw==
TSOL640x100.png
www.thestar.com.my/theme_metro/images/
8 KB
8 KB
Image
General
Full URL
https://www.thestar.com.my/theme_metro/images/TSOL640x100.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2c6d547393eef26e0d42f8dfede54cfc7b634de58b2259291927aad6b48ecfd6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Dec 2021 06:11:54 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Mon, 02 Dec 2019 10:07:51 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
"5de4e277-1f94"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
8084
x-amz-cf-id
KIYan8bYjhAj5V58M9560S-w1y4NmzyDKOERwXNNnWS7fokrF4xaDg==
expires
Wed, 05 Jan 2022 06:11:54 GMT
bootstrap.min.css
cdn.thestar.com.my/Themes/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding
gzip
etag
W/"67d856a36edacea9564bd92310f7d792"
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
age
2765
x-amz-meta-cb-modifiedtime
Thu, 12 Oct 2017 02:23:22 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:26:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
VOO1S5udazjP6PwRL08-3JUNVncCpMFnMtb1267jk-ks5gaxpMTOlw==
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f3638a07274186824d584038c798c850e3f3229223e79346461b1595db501c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:29:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 06:11:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 06:11:54 GMT
tsol2019_pw.css
cdn.thestar.com.my/Themes/css/
95 KB
19 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210907
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
047b2010d498213bc9246a93ba819dda53a216bf764ad9b5ee2e5ae471bff3df

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
JLP6p4mvBqhuPwiBudp0Ky45oyObPENs
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 11:35:06 GMT
server
AmazonS3
age
2038
etag
W/"51aa1d9f719d49263320ddc699f4d473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:00:28 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
UgyiEhAFNOjEcuVqptz8Zsvu7qfM5eX0dL5olEO9U7SXQvsBja48_g==
story2017.min.css
cdn.thestar.com.my/Themes/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/story2017.min.css?v=20211012
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
249491720598f893eed99f05872f325bf73976054034f2ef607a6456f8b00e0a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
RINYdiUFqx5RbBXLoy9MUCt0LzLzu8vl
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 07:47:15 GMT
server
AmazonS3
age
1078
etag
W/"52c0c23ec3dcca702452b20101925ff1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:00:28 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
9kM6UDEz1G-b1AM4aKXyf2qSz27Kcz4x80WTeRe3cqdS3VUjJGcqWw==
info.css
cdn.thestar.com.my/Themes/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/info.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
581e25592a67045516265f84c02caa0310999ac85b8330fdcdc79f363b33611f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
1.51bKGEb0PTv3hSOCmiJ.243PQ3nZx3
content-encoding
gzip
etag
W/"1aa5bc290203717673262f578a590dd3"
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
age
1633
x-amz-meta-cb-modifiedtime
Fri, 16 Aug 2013 10:10:13 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
PFh7IPlFHGUxWLQXt60N0MmTVAb5wgisIuY1UgX6_GbUdI0qMnDFYg==
bookmark.min.css
cdn.thestar.com.my/Themes/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/bookmark.min.css?v=20201123
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b698821cb8ad51c19ae43cdc91d3fa37b0d1edc1c12a7ba1d0b940b5986c778

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
42ZCDGB1EwVQij9jOKaY5QxStJiy4Bw_
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 02:09:17 GMT
server
AmazonS3
age
732
etag
W/"ca09feb941c19c5454a23f3542209d12"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 06:00:28 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
uKPRabV7W1V3UVeNlDGeprzTE3kEWPHtRvlRcxGC7nL7y1gLzaBbSw==
main.css
cdn.thestar.com.my/Themes/css/
61 KB
11 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c81a984679125929df25a98e701bf11c4ef91204ea576737cd08bb0bdb34ade8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
ambd9ixojLX0vun.8w8P1WOxP1mfDE_V
content-encoding
gzip
etag
W/"017af7f222148aee2a23e518f87d8d6e"
last-modified
Sat, 20 Nov 2021 05:42:33 GMT
server
AmazonS3
age
1317
x-amz-meta-cb-modifiedtime
Sat, 20 Nov 2021 05:42:29 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 05:52:55 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
rocsaMDEZu0hJ-aasDT7lPMxgcb9JdFZDb66g5yTs6TGeYWLKU8FMw==
promo.css
cdn.thestar.com.my/Themes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/promo.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
316344e85419e921d1f7f7f5e846f8081e17b2da631e24ee1a9dba4d544fddb1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
cTpHpLtDfO6oDRjJlvCAo1Uuwxd5Mw7d
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 04:47:39 GMT
server
AmazonS3
age
1078
etag
W/"36f8ccb7da7a85cd553bd68d3b27eccf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:00:28 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
eUFlsQjh2KXu_qJTEd2s573MlQ--aWsXEFBmx_oimGJ_PL2FCcbq3w==
stock.search.min.css
cdn.thestar.com.my/Themes/css/
577 B
1000 B
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/stock.search.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8fd2a2d3ba29a9c4df14f66b1bd33e9a5db41f9e43527d8e2341fdecf4ed7bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
DYuyOSWJKpUHMg69YtSIuMPMhqtqRHMW
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
etag
"abd4fa5dfda7656031ff9bc791e31ebb"
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
age
3484
x-amz-meta-cb-modifiedtime
Fri, 25 Aug 2017 08:10:23 GMT
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:14:13 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
577
x-amz-cf-id
o9MXaBzEVSQdK7_1YcTOYdogsYA7f6QBa_rPM8K61MIndFk_C3MMwQ==
font-awesome.min.css
cdn.thestar.com.my/Themes/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
2vubh.PhxEhgJpFKBG0pP31KYJZnb.Rf
content-encoding
gzip
etag
W/"79f8083e69a38052ae8392709b1610c8"
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
age
2367
x-amz-meta-cb-modifiedtime
Mon, 20 Jan 2020 03:30:42 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:33:50 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
YFz0pLu_mbj0qapTz-A4XwsoHtnA_qg_qZeexXgYKyUsZVCdPPRg6w==
global-bar.min.css
cdn.thestar.com.my/GlobalBar/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/GlobalBar/css/global-bar.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
2rSoaAo0F0M_gC.wHNQEHLISGuYe8kUJ
content-encoding
gzip
etag
W/"2352a7924ab6600445060ce8da2f9e61"
last-modified
Thu, 01 Oct 2020 02:31:14 GMT
server
AmazonS3
age
216367
x-amz-meta-cb-modifiedtime
Wed, 01 Jul 2020 07:40:54 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Fri, 03 Dec 2021 18:05:48 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
fxABG2SkvFIL0EXyr_5rLm8JVuRZMQS5_hjcUVqN5RUzPXSWF4T9ug==
audio.css
cdn.thestar.com.my/Components/Audio/
9 KB
2 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Components/Audio/audio.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bf4a9bd526fe56f0c1f728a46defffe19897d8fc49ed811d10ac3f208007c2c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
4fEQPXNNtWhcIBa_DYlOd_C68bas6KnV
content-encoding
gzip
etag
W/"6b621e92f808f4c887d5eb54d7b5bf18"
last-modified
Thu, 01 Oct 2020 04:47:53 GMT
server
AmazonS3
age
725
x-amz-meta-cb-modifiedtime
Wed, 09 Jan 2019 02:04:14 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:00:28 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
MrZYTMJKLr5q06G4Oy8E8BbQ8tXkP34599E7Gfql2cK1wYA_h7tWfw==
owl.carousel.min.css
cdn.thestar.com.my/Themes/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/owl.carousel.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
122e0de24633a9fa3d0668b02f8ff785df8f58990d3d263b955d967a9542c682

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
jBZo_fxdrmNQeQ0zDiLYp2wHUQrzyzsK
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
age
1562
etag
W/"1189f89df639b70679aa1be29335a613"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
HazDbRZRqE8mhCzSXCtGPIP9_BhUlvb3djNF4PVHOSNgGvRnYBkh4Q==
style.min.css
cdn.thestar.com.my/Themes/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/style.min.css?v=20201123
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c540a9231b20ee699d027d00ff6e0ff728eb955d7a54ebc6498fb75125f92c12

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
M_PjCpdDSoC2zNKkgGTFEIcv_E5IWxic
content-encoding
gzip
last-modified
Wed, 23 Dec 2020 04:32:43 GMT
server
AmazonS3
age
2879
etag
W/"b4247f523472dd6ecb8dc9f88b2590bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 05:44:15 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Us7j2kLvKlZe3BiI067FRJSoCc_mv5ZfUrMS1f-HwrUNBJ8ky1PphQ==
cx.cce.js
scdn.cxense.com/
22 KB
6 KB
Script
General
Full URL
https://scdn.cxense.com/cx.cce.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 14:49:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5864
Expires
Mon, 06 Dec 2021 07:11:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 13:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Dec 2022 13:49:59 GMT
parsely-onload.min.js
cdn.thestar.com.my/Themes/js/
5 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/parsely-onload.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9de09574b3b0c74b29652aa2b38db155ce59c20c765b4a515429c6934f2c3a36

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
1DWUB0MLRA9Gin_ixr7MS2Yy_RpKtHx_
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
470
etag
W/"cf0b5aed788300bcd41cf265d84655dd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:06:13 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
cpBvxw0M8AVJv6stwsezL1lB5gnbkHh1hlcun1TNcGAhz4NJgc3p-A==
URI.min.js
cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/
45 KB
13 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/URI.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2367835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13131
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf3-b370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4G%2BshmwpRVhtjF2%2BSlz%2Fr1ghrfvVyzMlPdF59FNFTrxyrzymGe2pQCulTsjDlIZbEe2oatlLzzpl4Y%2BqTN0vrrmTZBrcx%2FWAqYupvY21S753ke5d3X8LPaItZHT7KDHxa9LutQ2wqdjyBg5delH2RP%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b935c0b7953d61c-MXP
expires
Sat, 26 Nov 2022 06:11:54 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/
50 KB
15 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3329814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15476
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-c909"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4nuN1osF75whhrqp0xnA3l31BvpGrkV92bIYLv20MR%2BxURJ4qzfg08U79odcDqJdVNAAmTnqKFSeD4bsiQFHS5xyvD%2F8lVBut63g6o845jZeZjUqyDFLjSDudGFACiikbOugKTOUL6l6kmuZ1ZQ%2F41Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b935c0b7954d61c-MXP
expires
Sat, 26 Nov 2022 06:11:54 GMT
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/
17 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5148364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5117
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmzXwm5%2BBM5d%2F2tlIzDEXViwwfdXjMjkrYVWxvrVHmqANcWeMJyxSKJG3EwvR1Eho54jTlWqP7zZma9lV8XrGYtpvsfBxouhwJZeR1VEVzEV1srMoq4b2%2FRzpwOxMC1exUR8VXngTlecly9a4VteOhn4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b935c0b7955d61c-MXP
expires
Sat, 26 Nov 2022 06:11:54 GMT
js.cookie.js
cdn.thestar.com.my/Themes/js/
4 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/js.cookie.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
9uuOoJhuZtR5PqudHFYxAz77EF7flIiw
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"6e9eb1f53afb135aedaf90739c867738"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:11:54 GMT
x-amz-cf-id
iLXqB-cf0pDtEIu7mPR2gWNXv4iojFUSyV-WLu6hKDL1E1RIzMc6KQ==
jquery.dotdotdot.min.js
cdn.thestar.com.my/Themes/js/
6 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/jquery.dotdotdot.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
hAkLNIGL3rohYqiNd1Iog0CmHxxih5th
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
1561
etag
W/"e7489c03aaea168ba084298955d7fb9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
9yAdMONaAIrkFrI2mbUgAGxA52rgtrKm8nZKG0oqhFoh_4CvbWT6YQ==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.12/dist/
85 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.12/dist/vue.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8117e9e4039e48e73dddefb54e3e5cf0bd2509688a8f64ed0f3c03845029cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3576068
x-jsd-version
2.5.12
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-mxp6967-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1532d-b7N+P+qNjCY0IJSHys6z84RECdI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b935c0b9f9559dd-MXP
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2795407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4224
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-3580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8uixTkl8YHDU%2FY6enotakEEp%2BtwNwDcTZgmdjJSBkO6MIoJmS%2FrAl9chvaD332YqLu6QMXsZDx03pC86gJcKwGRBcQLBTX4O1ZorwEii1z7SnzUl7qIRjnSYuHMdKfAPhpK5AzQCY5Yhuog8r64FfXU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b935c0b7958d61c-MXP
expires
Sat, 26 Nov 2022 06:11:54 GMT
Main.min.js
cdn.thestar.com.my/Themes/js/
30 KB
7 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/Main.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e78e48d0030ee8f1bb143e6bed1e23831aa407edc7f1f5def849ebce11a3b7c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
U3PZu35WxYgH9GSSGClLY_x.o0Yt34Ii
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
1547
etag
W/"5a6ec816592fcb73b4e4596a8b65b8a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
zokVPXJ81bH7q8qJs-6nKqCh6llvhMloEggm3C1ikF7R7Hwun_u-0w==
widget_mixin.js
cdn.thestar.com.my/Themes/js/
12 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/widget_mixin.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd1448fcedd66fd634ecd7509d683798a1832b029b85735ed1deef908f1390ff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
y9PpVJXd2Oxkkq3Zw.83CUlh1k4ay25d
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
2486
etag
W/"548632554aa77d76e34e3dc08ab3671c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:33:50 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
W4_ImkueTABR62a_TLBbjswHoNmitZeWPtph19c6bQX0PVmsOARUMg==
slick.min.js
cdn.thestar.com.my/Themes/js/
41 KB
10 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/slick.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
oBAIRKEGoB7KIU6Csj.8nhVNzUkorXJ.
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
1621
etag
W/"b53bdfc29e18f4d493d775a8023fbdc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
-9MEXdd8i4pc23kKBwuRN6JO0RrTQoH9d6gcgepGXSZZJ7JkIXEhPw==
jquery.unveil.js
cdn.thestar.com.my/Themes/js/
1 KB
1 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/jquery.unveil.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b957ea6cdda4e5509beca77d581506f6fedd9167de1a5c7494e89a405ca764

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
1Fhcx_qG5J0whBMLGKTITGVNVu.uQj3f
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
451
etag
W/"4f4ed40e89655177903ad7eafdec4b05"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:06:13 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ua0BE5P5fYG6wtokeQiVfZHA0rgRZOWKs91EXyEKx_shJNmGtuuZfw==
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
953e3226dbc68321a97a1706e9c13c0fb59dc08b25a6471ea3b98e4f7a40025e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vI0BluMkvm53H0JGBGlZBQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 06 Dec 2021 06:11:55 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
ms7NS2NqpEgZBBZcfP4xFJfC/Azn7Zixd9gKg+r78tcKzqn8P7ETAFTv6nzoeOYF7LYysqxk4MRC14LDfK5f4w==
x-fb-trip-id
686109401
x-fb-content-md5
9d45949839b815f3224d306d734210c3
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 06 Dec 2021 06:11:54 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d7be31c275752d8294947c62f136b1a5"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
owl.carousel.min.js
cdn.thestar.com.my/Themes/js/
39 KB
11 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/owl.carousel.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
91xkUJd7Bp9Lc31.TzW9M055eNZW.MwS
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
1621
etag
W/"d93af4022365dfda42a48dd0ce25f2a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
FgEeVjEeHwv_OEmsVMeoAMwMWRDj-s3Z1pEL306nAVhOOga90ApbGw==
mediatag.min.js
cdn.thestar.com.my/Themes/js/
4 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/mediatag.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57b4a8736adf73f8686e12a5dc8b5b446c57168d97d0fd8f1ef1c840542d3d43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
b0vOp9rRVixzOzR4Bf0NM4XxBsi8pwbX
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
1579
etag
W/"bb66382c1748b25c891b9dda58d4f49e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
osQjvybAvdhC9LP3w9h7Qhm9mEWQx5NOAjegfBhD8TwVeIzQ3qJ7Hw==
mediahelper.min.js
cdn.thestar.com.my/Themes/js/
1 KB
908 B
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/mediahelper.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b99d7da83110b09c1b9d952a13835c84318995ba10b61d5c18a9b70d96c5cf5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
HUI8bjkjkMsvDB1fosoXf3g0O_f3RwT_
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
1681
etag
W/"fe91adf3dfdcbd82bfc8d88e948a9356"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:44:16 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
DA9r_vh3hz90Vefkcca5aqW-BzWTybvEw16ZxyZyeKRMizZJ_7u9Zw==
widgettop.min.css
cdn.thestar.com.my/Themes/css/
355 B
743 B
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/widgettop.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7801e6d6dfe4bb0739f38b4a875eedd3caeb86fd83907d6e8a9f840ea1253d9f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
6LdMa_qUjKDTJSqTM9TkvNfEg3XGMDcu
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
age
2315
etag
"d4d7dfa253b7eb381717d2d49bef8b6c"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:33:50 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
355
x-amz-cf-id
Jfw6cf1Kla9SqY9w2tIcG8ZvEC3X5voTA6_KKtrsrllf9qDz6fyH4w==
widgettop.min.js
cdn.thestar.com.my/Themes/js/
2 KB
1 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/widgettop.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
871ff658d9767aa340756d6c5fa46759091ca65abc2071c3f3381cd0b09954de

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
AkiyUjdvcgUq1yi0xs0KA79p__MQh0HQ
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
470
etag
W/"ab52bf3882cd9e5f3a5ba5d6a12f30a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:06:13 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
pr0HRUFqnv51hrj77oRpETGc7Fcx9hvrswL2f1bO1BE7UADiI3Qndw==
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 06 Dec 2021 06:11:54 GMT
x-host
s7.addthis.com
content-length
116382
article-details.css
www.thestar.com.my/theme_metro/widgets/article-details/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.thestar.com.my/theme_metro/widgets/article-details/article-details.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
362a427be5650fe06b6226baa3a95bacf5288caaccf9bb64922babb96b363c85

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
gzip
last-modified
Fri, 30 Aug 2019 03:42:44 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
W/"5d689b34-7df"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-id
iM1o5G3wf4OryXAocKOihJYMUEBp0w6cuvdB1gnbZvCrbbcOkqWFdw==
expires
Wed, 05 Jan 2022 06:11:54 GMT
print_v2.css
cdn.thestar.com.my/Themes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/print_v2.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7df08ea48bfba8931db949e335892074fbb5c5f947c4b9d7a2cf84174ca78019

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
KwC9Uxlv1PIHTSeuo2BppqPQG0_eQLJT
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
age
2182
etag
W/"a0dc4bc68d133c730c0c5840dcd1dcb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:37:07 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
lg3Salk4Q46eiI5a9VmC7ewSguIoYFdI_hAAYP_kIMF7lC8CvmqQRA==
story.min.js
cdn.thestar.com.my/Themes/js/
12 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/story.min.js?v=20210825
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76a1a95498b18eb98ae2b90d764cce5e025f185f9d5b42b89b8428c4fa59010f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
iU6193HTX0_tLhlH7akkO_w8CiRcZx1o
content-encoding
gzip
etag
W/"eef71540d6dcfbb1cb67fbfe0680b4a2"
last-modified
Wed, 25 Aug 2021 04:55:42 GMT
server
AmazonS3
age
632
x-amz-meta-cb-modifiedtime
Wed, 25 Aug 2021 04:38:56 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:05:25 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
snLH_8p47n62FQZCvwk659tJZTsP0L8jUijCv743LnsUSIqUjMmweg==
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4b8ada87f6e9500e167b6afbc808f611d85788ae0b1119f75c5e2a3939480b04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1064 / 312 of 1000 / last-modified: 1638572771"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26977
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Dec 2021 06:11:54 GMT
prebid.js
cdn.thestar.com.my/Themes/js/
164 KB
51 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/prebid.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b3188194dd55d8784117eb05af34e23ba99afdc63d9cd4d50ed6a590f6f979c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
67.sgCE89AV.n1xtsN0drtyH7BPwq.Ko
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
309
etag
W/"6a5a380e94250c137e88f922a29ee5e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:07:10 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
jzXSwatRwqFvXs3C7ooTf-2cKZJhzCxXnTw8h-ne0n5vEKRqhXmMMg==
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D63) /
Resource Hash
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 21:35:27 GMT
Server
ECS (lcy/1D63)
Age
417
Etag
"50ec7e701ed018305368886c39cac301+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29126
trendingParsely.js
www.thestar.com.my/theme_metro/js/
3 KB
1019 B
Script
General
Full URL
https://www.thestar.com.my/theme_metro/js/trendingParsely.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
839891fc3b87451fb81530b4e017cc54e7c87ec5cfc60808ab178e040856419e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
gzip
last-modified
Fri, 13 Sep 2019 03:18:43 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
W/"5d7b0a93-aac"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-id
WCqD30oUEmWF4jhuCcToC7oRqxYJ7QCr-Xw2BrfV7zIRuToRgADn4w==
expires
Wed, 05 Jan 2022 06:11:54 GMT
close.png
cdn.thestar.com.my/Themes/img/
563 B
943 B
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/close.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
081d444de733f8f3e5a1fa79b128371245ed03613029cba549a07bbac5c07ecf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
oh5atXrQlnGzmYKMe0FMd8_aHZ3eX2lz
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"3f435ca1cfc6bdb9cd5fa80a4bbf782f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:11:54 GMT
accept-ranges
bytes
content-length
563
x-amz-cf-id
a4VYmaPHmxxIwWJrkQxNky5BhsUmOR98B5G7QfVssJCDCtGgLqofZA==
navi-selection-revamp.js
cdn.thestar.com.my/Themes/js/navigation/
2 KB
1 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/navigation/navi-selection-revamp.js?v=20191107
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72885c7b721704e236e38ed9af84078e146c7156c2ff91bceac0b47ee77f71a0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
Xgkepuq2ZP4xhniY2q2qEC2fXiNjsxtR
content-encoding
gzip
last-modified
Fri, 02 Oct 2020 03:25:40 GMT
server
AmazonS3
age
280
etag
W/"05a862eb21f9c8caf895696ef1f910bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:08:58 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
kTo4If04C5cWv-bt2cTH3wIpDzmvcVpLFETJK-_pGp-Z3U3gg0_Nqw==
jquery.mockjax.min.js
cdn.thestar.com.my/Themes/js/auto.complete/
6 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.mockjax.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8a3e2c87ff151b415ee2a65965a6c6459431d1430730c9a8a204ab0705b4938

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
yML40Dwy7cpBkYZgqvzVNYbVA60KAgRX
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:21:22 GMT
server
AmazonS3
age
2095
etag
W/"9ece6212dc680985754b05aa60c8e93f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:37:07 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
iVlCAqp4brWJuGTKROGemYW3XKMx_Z_1yueCTutuZDDbH9VoWAaN_g==
jquery.autocomplete.min.js
cdn.thestar.com.my/Themes/js/auto.complete/
12 KB
4 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.autocomplete.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69b39b769a35b7575db31a2a73151c20a3fc7df2eca7ed00d719e47e41531bbf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
mQkM_q5GT_pIjmvvnEcIoZj9O0dEgdVs
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:21:22 GMT
server
AmazonS3
age
1621
etag
W/"bbeb164fb98847e6aa277d13acc0b845"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:46:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
gn_-62r5TmeikWx8LkBPOKD2NmKk30PvazxCujN_GGzoldPvpL_S8A==
stocklookup.js
s3.ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/
146 KB
146 KB
Script
General
Full URL
https://s3.ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/stocklookup.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.128.62 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
909a359f2b9645b7bbc478fb7ee65b55debacc6d65d3652460a89f61da4f3da1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
Last-Modified
Mon, 06 Dec 2021 01:06:56 GMT
Server
AmazonS3
x-amz-request-id
5MWNQJ7XAKNTK8KJ
ETag
"e08cda9ea911134bc1bff8d1b499210e"
x-amz-version-id
9BK6.SN.0D9MhP.OIx65AlZiIZf6GBYp
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Type
application/js
Content-Length
149535
x-amz-id-2
DVt7+veGMt3ilUGSmKzjx8kloDgLOSuNkFbr1ll7QKsn1RC0d4ficXsrSMBZWgGpAFiDLc2TZvw=
search-menu-1.1.min.js
cdn.thestar.com.my/Themes/js/auto.complete/
3 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/auto.complete/search-menu-1.1.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37ded0b4eb56a3a29160e59249c93bc9a73e47f5dc62678b2c696fbda31b35c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
ADs_LRbMGQrRKgf_H0FFRDpMK5UzUvHm
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:21:22 GMT
server
AmazonS3
age
470
etag
W/"93c40729a04be6e873673e3df9485ae2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:06:13 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
K4hcTkPGftaVuoshVY8mGyDICHBCTeePThHekjRiBB0t2tL7rsh4tA==
responsive.min.css
cdn.thestar.com.my/Themes/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/responsive.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a1ac7ba856a43cf71b7cc3657ec9766bf8779d370f2f36b140aa0d3eff755af

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
S_B3oJBTQs9EQLENGudTdjShAznEKos3
content-encoding
gzip
etag
W/"6d5c03350c2ef1690958ba685903187f"
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
age
2765
x-amz-meta-cb-modifiedtime
Sun, 03 Nov 2019 20:31:38 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:26:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ndEIJ_TikAX9g2Up7sbcvhdXswUB8ki_xC0p3rOJ73tuVEHW0Cmpfw==
gsc-widget.min.css
cdn.thestar.com.my/Themes/css/
1 KB
982 B
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/gsc-widget.min.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
451fd516e30a2c9f8540ea8147bf0562674750839aa967147189fa7d3cae22c0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
kGC.90mrgmWnDOcE6kUKtpr6rVwh368x
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:17:10 GMT
server
AmazonS3
age
1465
etag
W/"5a9c2439e593f7d47afd523effc0e939"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:50:14 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
liAjaIHzXg7uuhHSPi9nulu_aHD4-AP4akmX8a5Z-mFxfb47wxk-Bg==
1394257.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
9 KB
10 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394257.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dc797fac05f08e013f8297cf74c5c6f44d5f18547a73bb72e558b342f373fbf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 19:18:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"c5302bc46ebae1e07ff82e05f732695d"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:11:56 GMT
accept-ranges
bytes
content-length
9590
x-amz-cf-id
Y878B_S6o92oGRSXTWgEz18vQIeD2Lnr0OB7qNE_ReB4vKQb2qPQrA==
api.js
www.google.com/recaptcha/
884 B
998 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c18491705449cbdae97140faac4dcc785348651585e1f1cb3560c9a5fab1ab70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Mon, 06 Dec 2021 06:11:54 GMT
1394063.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
10 KB
11 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394063.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afef52ff47e49036406cb4cd0c8ab14c8fbd68bcebef8269c1442413cebef502

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 02:29:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"4dc42fa2ea8733f913a6bfbd0c1913f1"
x-cache
Miss from cloudfront
x-amz-version-id
null
cache-control
max-age = 31536000
accept-ranges
bytes
content-type
image/jpeg
content-length
10700
x-amz-cf-id
IupFonAmRzGopIbYzfeGlxR1xnMP4W4J3fZANvFS6k42oGks2cCIMA==
1389232.jpg
apicms.thestar.com.my/uploads/images/2021/12/02/thumbs/small/
8 KB
9 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/02/thumbs/small/1389232.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a50093685096b42c151027bf72fe769a2655bef6d24024d165900fb53ca5bd86

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Wed, 01 Dec 2021 16:41:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"bf940fcbed8ae59f8ec419a4d3e5fb39"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:11:56 GMT
accept-ranges
bytes
content-length
8491
x-amz-cf-id
a5CT6fHnyYV7BMHFBQB6-WQmEs4NEIgMLmIcqmrabx4XC23qu4r3-A==
cx.js
cdn.cxense.com/
118 KB
28 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
61a9a4924579af06533a09ad0072612a6bcc4e69e54349a53fdb2d081cc8d81d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Dec 2021 15:30:08 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28194
Expires
Mon, 06 Dec 2021 07:11:55 GMT
slick.js
cdn.thestar.com.my/Themes/js/
85 KB
15 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/slick.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61d0e86849b6dabf198e30c022f56b838137807ac8429f6caf0a9bd844cfa126

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
M1UUCXgbifGYen3fSN4gPuaUneQd11UO
content-encoding
gzip
etag
W/"0069cd26e05883ce7beecc9dde8a8dd1"
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
852
x-amz-meta-cb-modifiedtime
Fri, 25 Aug 2017 08:37:13 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:00:29 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
1ow3-OVNcJeybuaMc1Xv9HROwJnwamWLKBbLp1Wn_XjXt7Vplz2Kfw==
trendingsection.min.js
cdn.thestar.com.my/Themes/js/
3 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/trendingsection.min.js?v=20201123
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97e01e9c8f9a09704caddeccf0ed2e5bd2df7992ebd7c6b62b6b8860e97176d1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
MYn9O0SuasXAsZ0Cx6J0.uO9mQ.cp9vw
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 03:26:57 GMT
server
AmazonS3
age
840
etag
W/"ec6d4619fe5f27ef47b8d256fa5bed1e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 06:05:25 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
t3MyWO9idcrz2_Oz3QiSCau6DfE5oQ_zSNUMZifdQYyB9kp_nLE3AQ==
outbrain.js
widgets.outbrain.com/
188 KB
66 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c066970a333942bac84a0a666ec95b65f9aa1c66f8dda2b9463d3cc7ef8ffa53

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
etag
W/"2ef28-zLnz6qpp3zmtCHwyOzaFcffYeuU"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
b9885dd774a4fe5ebbff19ad76b633c7
timing-allow-origin
*, *
expires
Mon, 06 Dec 2021 10:11:55 GMT
all.js
connect.facebook.net/en_US/
281 KB
80 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=4494d4d796cf8442d89515a755e3d6a0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c41d9fe7df9f000a26c0b5c1c65863aff7880496e1ca9e669136c55390424265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Origin
https://www.thestar.com.my
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
G57wmzYoB97FI9DIaAMunQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 06 Dec 2022 05:32:17 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
81361
x-fb-rlafr
0
x-fb-debug
zuRU7ixZKXy5m6kqUCTwzEQ4pLrhwU0BrxPbEW2LpBcvRWiMGrVT9TZ7DstoCFXpCBUxjZCprWUOIl6WtuRscQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
09e323e94baf078e529e5e0ccd92f77e
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 06:11:54 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2d7ff0dbb91f01886aaaf9a3193f582b"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 21:26:28 GMT
x-content-type-options
nosniff
age
549927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 29 Nov 2022 21:26:28 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=26369
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
obtp.js
amplify.outbrain.com/cp/
8 KB
3 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:54 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:12:10 GMT
server
AkamaiNetStorage
etag
"973e2603f46b719eecf8139c22b897a0:1633349530.816673"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
3150
expires
Mon, 06 Dec 2021 06:31:54 GMT
TechStory.js
cdn.thestar.com.my/Themes/js/gpt/
11 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/gpt/TechStory.js?v=20211001
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c5d613b8ef978ba3ebfe0679c291d1ea29c24849b6ad544b6524e60e964bcbb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
p5ryH41mOayewFBtJu0_tfqU1rEUGJIf
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 03:37:33 GMT
server
AmazonS3
age
2682
etag
W/"b9dd9f15c1f28b31ebf3d67d1ef4dc14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 05:51:36 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
yFoNYZWM5HGa7n2VDh_EfFzchrAqyqWc597qTUhKypIdiBHQNc0ryw==
pubads_impl_2021113001.js
securepubads.g.doubleclick.net/gpt/
348 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119680
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 13:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Dec 2021 06:11:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
401 B
205 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com.my
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
38d6fd28cc1afe32bbc91d8612db70dc990616fc78e1c8e09653169547534085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
180
x-xss-protection
0
expires
Mon, 06 Dec 2021 06:11:55 GMT
recommendedreadingarticle.min.js
cdn.thestar.com.my/Themes/js/
8 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/recommendedreadingarticle.min.js?v=20201130
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
179852524d78ae73e90fa8355d8a993306eae0d7a82ead38154e69e96cc26037

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
jrpyf.arhDRb1zBqh0Q4SLP30eRmgVCD
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 04:39:19 GMT
server
AmazonS3
age
1773
etag
W/"df2e445d8697fd08443bf9dd824948a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:05:25 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
iSEmVVl2x2XNkGyv15STmbjVbAPawJMYuIGBzHX6HO0_N8AM9luzlA==
chartdatetime.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/
972 B
1 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/chartdatetime.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
07f7e650aef8a01dccceb4a6d976e651b6b7d9b97303d27d79a0d59bf97c0804

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
Last-Modified
Mon, 06 Dec 2021 05:06:23 GMT
Server
AmazonS3
x-amz-request-id
5MWT7DR3TNRDSTEB
ETag
"2dfc20086735c6b969a91f4904841fe7"
x-amz-version-id
.DMEwl09fqB763D2WKeZ2jjlL9IoyGyd
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Type
application/js
Content-Length
972
x-amz-id-2
PfLnk4DUs2lTXGNLYqemRV8epH4X8vQwrtUbiCH+A2q4LYMQIs/GR4pYppHT4/d01vH+0zAUWU4=
jquery.jqplot.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/
168 KB
40 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jquery.jqplot.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6f2d79e83c8e873bf5c9ca48819c3bf85ac03659ab34764ca0857c60e0b23e27

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:16 GMT
Date
Mon, 06 Dec 2021 06:11:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2017 08:04:31 GMT
Server
AmazonS3
x-amz-request-id
5MWN7F7FGT8SFXSY
ETag
"34a02ba47f73853b0abee59bcde46861"
x-amz-version-id
GBBRuvPJ6axKW25UnMQZIZI8IL_ZXtAe
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
40802
x-amz-id-2
5WxAxYcpJ0L/xg1GcB7K8Tw/m68+5u7Kt4X9gBnsu2qRC8CGMmev87ZX1b5HBRk8N7DlOIpSwxk=
jqplot.canvasTextRenderer.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/
16 KB
4 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasTextRenderer.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8cc16df9139267030b4faab035b18687532f0534b2bd244357cdc92ade62c7d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:52 GMT
Date
Mon, 06 Dec 2021 06:11:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2017 08:04:32 GMT
Server
AmazonS3
x-amz-request-id
5MWH3HAT5Q3VQFYX
ETag
"40ccd46d588ec5f2bdcab810ccc560ea"
x-amz-version-id
bXOySgiYGt4ExqDTFuO3yLV3VSjlMmj9
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3624
x-amz-id-2
9YkCXK/BwmpwBX/wc1SIvnXvBEPLCuTs4BKMfknm8bl+oMUmyKNt2EC0aWqVJ7LQGhfs3QD5H8M=
jqplot.canvasAxisTickRenderer.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/
3 KB
2 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasAxisTickRenderer.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
73eaef684ed4118dad4828f6c72ab096d28e9f4629540ef0f0695e0bed57c854

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:29:09 GMT
Date
Mon, 06 Dec 2021 06:11:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2017 08:04:32 GMT
Server
AmazonS3
x-amz-request-id
5MWYYTFYFBV82HEG
ETag
"58707dba2234ad48407ecf8be547a8a8"
x-amz-version-id
DDqNr4cor1Y0wowm0KNS0YVT8vPUCmOm
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
1088
x-amz-id-2
OPHNDaGA8RzIyqdLLksSCWQOv4LI69s9wyw5n2RBhYSPvADpwsvbxoBY8t31018YujTL2e3NTwg=
jqplot.dateAxisRenderer.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/
10 KB
3 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.dateAxisRenderer.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8221ceca59482880db172a9978526d9dd2a894a8c918232d4ddfe8989892495b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:44 GMT
Date
Mon, 06 Dec 2021 06:11:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2017 08:04:31 GMT
Server
AmazonS3
x-amz-request-id
5MWH2MAV7W3SSF4K
ETag
"100bebdc1dd34da0492542ab2c0afd10"
x-amz-version-id
TNtxhcaCLEGA3wzUEK.W9f5OpdVpr.XP
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
2762
x-amz-id-2
KzXbau5kqAsgjglipmPDwVNB6XC4KIFBHT67Z+b2fA7epmFjnxfXMaLcdKEvCJs4Ud23pNbI320=
jqplot.canvasOverlay.min.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/
14 KB
3 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jqplot.canvasOverlay.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e4a89d9588799e0cf2c929823609717c593964608447f3307144505d530342a0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:29:01 GMT
Date
Mon, 06 Dec 2021 06:11:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2017 08:04:31 GMT
Server
AmazonS3
x-amz-request-id
5MWJ1A4BDESWJX27
ETag
"3b7c16ee47e08089c254d2dcc177be70"
x-amz-version-id
VADRCRedFvW6IHYOBIg5ulkEoqq3.Ls7
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3003
x-amz-id-2
+I7i/tR4yabaUo22ytcQJkIEbtRIv8ySJyxemOWvr2DK9q3BXS3NhmmMNiFyojfP3e9LaB1yU20=
klciside.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/marketsummary/
4 KB
4 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/marketsummary/klciside.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
79c97d4c0c9a85281c12061d93149696a76eeffdcc1de3475c5c1bfdffb7beb9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
Last-Modified
Mon, 23 Nov 2020 05:07:39 GMT
Server
AmazonS3
x-amz-request-id
5MWWD87H7HN25EWR
ETag
"2f73ec58eb2e005dbbe9fead55e75479"
Content-Type
application/javascript
x-amz-version-id
J0lhCdsuzL7N_0K032ZhADQt13sU8bQO
Accept-Ranges
bytes
Content-Length
3876
x-amz-id-2
VsRA0arIpKJbCK/dGnfAG+bYIjAv3wTL0YNNjAv6DsCWy40k8za1295Tjp8MEr0tobRdsmMClKA=
plotchart.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/
1011 B
1 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/plotchart.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
312ccabde69942b8c1f22893e7a20c9fa6e7af20a95903a8034f19e7b4dddea6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Tue, 01 Dec 2015 00:02:11 GMT
Date
Mon, 06 Dec 2021 06:11:56 GMT
Last-Modified
Mon, 09 Dec 2019 02:07:32 GMT
Server
AmazonS3
x-amz-request-id
5MWXAERKG2H4CRBC
ETag
"aa287ab2f08a033baff8af19ae083248"
x-amz-version-id
Sasi7caBnHUkVipIaB1Yqe8zKqfENV26
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
1011
x-amz-id-2
zLkmCKFEkzQXWoxkHlJC+bthNwGx5p7efYylidyrHYXVIOciM7vS5UbeYFFi9up2KP22XgkbUk8=
top15active.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/
3 KB
4 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15active.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
baa015b36b513c09ba52f87c9d8e7ea0490885c7a6e7328f349dbf1c8a5d1c3c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
Last-Modified
Mon, 06 Dec 2021 05:07:43 GMT
Server
AmazonS3
x-amz-request-id
5MWJFBVHY0BTBBQH
ETag
"41e72ee23be9206bcae5585ba02bdcbc"
x-amz-version-id
vgaQhdgov_6uanjCWhfD6l4Duno1RZLb
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Type
application/js
Content-Length
3564
x-amz-id-2
xCjtxoQxtD8LvD40T73oIq8wQdmAX0ui1M7PkwYtryHZQpmbVpahzYoUQspQJh7BIe2GGToIK20=
sidemarketmovers_v2.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/
2 KB
3 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout_v2/sidemarketmovers_v2.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
76ad0e3d81d44aad912b8dd9a1aa81a76e1c5c501ca3a6aba6d7bc520f42240c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Thu, 16 Nov 2017 01:53:03 GMT
Date
Mon, 06 Dec 2021 06:11:56 GMT
Last-Modified
Thu, 16 Nov 2017 01:54:12 GMT
Server
AmazonS3
x-amz-request-id
5MWT3JSE464SJE06
ETag
"ba9fde07be1f5a2596d0ee536ce41ea7"
x-amz-version-id
tOC78Iou.fgjI1wwRMVtqhJGMVx.oicW
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
2101
x-amz-id-2
lUFM1/023eIFR5/25w98YCQBACEwFIX9TtT7RMmA6+t9QdJlzLMk++H62tx114lglXbbG/gXMx4=
interestNewsletter.js
cdn.thestar.com.my/Widgets/newsletter/
6 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Widgets/newsletter/interestNewsletter.js?v=20200902
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
baa0892fb63bfb0affd093b3b974ef7f32ff1a8cafee6cae315170577c801b32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
OJhzSb36lv_e2e_eLt.R5ULyfPyIIEoO
content-encoding
gzip
etag
W/"61ac8b26c984038e9df9929cb5c676c4"
last-modified
Mon, 11 Jan 2021 07:11:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-meta-cb-modifiedtime
Mon, 11 Jan 2021 07:11:09 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:11:56 GMT
x-amz-cf-id
AO2diYi5cTeKz9N0SnWr0MrpWAWCQHyeSepUEeHtArYsOQ6wzUvadQ==
iprice.min.js
cdn.thestar.com.my/Themes/js/
3 KB
1 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/iprice.min.js?v=20210224
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
740e76e642e714e163854ee71b809f2d48c201af9dd60b48793c467bae1d3f30

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
wqpXp8YGHVaoYdu_rqir8.eZSJTud4zQ
content-encoding
gzip
etag
W/"62162acb2bacfd3939d4c89013792850"
last-modified
Wed, 24 Feb 2021 08:05:53 GMT
server
AmazonS3
age
1354
x-amz-meta-cb-modifiedtime
Wed, 24 Feb 2021 08:05:02 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:05:25 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
DGIjGNCPO25jiU0moMY1ezH7QQgdpOhNU18l5DoWWr9r1iFYRcaroQ==
adframe.js
cdn.thestar.com.my/Themes/js/cXense/
20 B
370 B
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/cXense/adframe.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef549d4f64eff079682d21179b21640f4f902f34489c385e544f7f64b8a87c6e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 03:00:46 GMT
server
AmazonS3
age
2402
etag
"4b63ac77cdfef7177c6491be489b65af"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 06 Dec 2021 05:52:02 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
20
x-amz-cf-id
TjsMea154B7AiBHW_LXpb-Tpt7yfPy5xEmQUSqA7aWft3t-rddV3NA==
PaywallBypassBlocker.min.js
cdn.thestar.com.my/Themes/js/cXense/
2 KB
1 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/cXense/PaywallBypassBlocker.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c34be4417f25834d203def539d55dbbafa3c5228ea573f75f5ed732d0882a4ce

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 09:12:54 GMT
server
AmazonS3
age
1548
etag
W/"3c634545d455f0caf2404ad403ad5b43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 05:52:55 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
HmwEIhcCb9CKdIwbhVYv9epFKTp1svGpaDBYayikqmvxhjtzGd17Cg==
global-bar.min.js
cdn.thestar.com.my/GlobalBar/
2 KB
870 B
Script
General
Full URL
https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210824
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96594a5870fb25c08fae392cc11b5efef3748685e976288ad9eaf519342ec33f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
8O0CMBQeHqW8XChYcX855mARkjFxavBp
content-encoding
gzip
last-modified
Tue, 24 Aug 2021 03:08:02 GMT
server
AmazonS3
age
13135
etag
W/"1f887f9550cb7ddb935f32ac10b498d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 02:33:01 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
dacVW0rxhtqMTimbtflNPtogsaqbYXIXTMW-ELQEjxaKl1NXbNA-yQ==
bootstrap.min.js
cdn.thestar.com.my/Themes/js/
36 KB
10 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/bootstrap.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
t4hMdTiZici9FqL_hKTCNOgWrk2xRcD2
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
2411
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:33:50 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
DTNzLbtLpqIACLjb52gyk8LYzBvGs7yKHdwOZ7EVGn_-eU3mdBKKoQ==
bookmark.min.js
cdn.thestar.com.my/Themes/js/
15 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/bookmark.min.js?v=20210708
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b000baee5b2289f2dd58d1e39e06d15c97b5b7b6b3cb6e17a5c536cfd975e8a4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
Z0fkRI3Qs7.ptV8xrur4Rr40uEsd1AYG
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 02:27:41 GMT
server
AmazonS3
age
1764
etag
W/"f00c102b1c696ad88642b9298ccfd57c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 05:43:19 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Hw4CINg9yaOWzf_w3u9mNvujAe5pbqFBOsDvLDS3aE4-3iV_dTayTg==
loginstatusV2.js
cdn.thestar.com.my/Themes/js/
6 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/loginstatusV2.js?v=20200420
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b61c2c4b07a9ff596ac8fb4ced20988a9de454225943dad54ec3016e4928003d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
S_5Wy2QtS9yESUg_t_Txig1hXajjOehE
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
3489
etag
W/"bd6868868331c99696757c9430bba64b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:14:14 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
yUIP7sgYBhFZzeGvfO_-3FyKLOgdmezMWfJ9s2jZJm4AqY8yoGAYYQ==
rangetouch.js
cdn.thestar.com.my/Components/Audio/
7 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Components/Audio/rangetouch.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc7f6e3a40dff7ac871bb5572dc316cffd3a872d5d9142c19f50ef8c2843797a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
SncXBizfzGgqFTTIKV4OY0WbJjbfBIUK
content-encoding
gzip
last-modified
Fri, 02 Oct 2020 03:23:27 GMT
server
AmazonS3
age
699
etag
W/"3d0c65f1a02e9c37f8151823305fac49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:00:29 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
9QTzy_vyvasYUfGqIHmA9RbWGvKevVftfNA6HE4UDq98mQ6WVIN80A==
audiov11.js
cdn.thestar.com.my/Components/Audio/
23 KB
6 KB
Script
General
Full URL
https://cdn.thestar.com.my/Components/Audio/audiov11.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
452401583c42f3b8f6992ed4d1a1c21b8c34d9b1d3475e2f7bfe09009c5e482c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
MyE0S7wRqEofYd4m5t_f9MFpkuZ1q._c
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 07:31:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"9e21be23ac165d96439e5fa5b53ebbc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:11:55 GMT
x-amz-cf-id
Qs8lOBXHd4mvoan11bT7RktIyVWaIcpfTVH5nqz3-J52Q6lPvu0eow==
lazysizes.min.js
cdn.thestar.com.my/Themes/js/
7 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/lazysizes.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
ecK.TIVb9okgvRXhj4mOs9F095sYYP3F
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:19:23 GMT
server
AmazonS3
age
471
etag
W/"3150bf538edc0788afd7c673a0c5dfee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:06:13 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
PRgx4HIX3ETqWYJSdmOE3bgWVlfUmAxX1WRLKYLYpxVxrMU5wkN-7A==
script.js
www.thestar.com.my/theme_metro/js/
41 KB
9 KB
Script
General
Full URL
https://www.thestar.com.my/theme_metro/js/script.js?v=20210315
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8b419e3880844b388be6e5741bfba63db8a32da77ebf64237a86e1dcdbb86fa2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 01:47:32 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
W/"60ef93b4-a292"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-id
_8SfqSOW7idS2i0esqwFfazvjk1McxtERR8TbisLBStkxX5HFS8DhA==
expires
Wed, 05 Jan 2022 06:11:55 GMT
anno.js
cdn.thestar.com.my/Themes/js/
29 KB
7 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/anno.js?v=20201130
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa6226cb013c006ba243f8c4161a9b2954024a784c0c665fafa50ddd2b72d56d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
OuDkpiwuPGW_Q4zrNCpISbqT1sd95PIt
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 06:39:37 GMT
server
AmazonS3
age
1140
etag
W/"b879d81b10441b73e051d05ff6f260ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 05:52:56 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
gZILYUVkfPXR5_0UzWdhI8akKosGWDE-zJGoZATYWtaY9t2heL2d4w==
anno.css
cdn.thestar.com.my/Themes/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/anno.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a684a7fead41f8763e01290db33ff62ce49ea93e849c65a8e1bb0260b91f991a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
IYdciccd_JNS28aqgJlMBoSXxrU06r2A
content-encoding
gzip
last-modified
Wed, 18 Nov 2020 03:20:26 GMT
server
AmazonS3
age
2873
etag
W/"1729e7e979d354b09b68b9ee92c30ed5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 05:44:16 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
hmnXtva6e2h4PC1IdwEc9IJrSKo1MErJ9jG_kxezNHHF3agKQbiH0w==
userTour.min.js
cdn.thestar.com.my/Themes/js/
3 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Themes/js/userTour.min.js?v=20201123
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
091bffc74d80325dfeda3fd6d7cfa7345e4c05475683bba43288e71b976b9097

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
pkk7sT48scecda5qmWoyb0i.tvcRLuw2
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 05:03:43 GMT
server
AmazonS3
age
1062
etag
W/"eb2cabf0b74693fdc24dedaf1fd53c9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Mon, 06 Dec 2021 06:00:29 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
pDFeGrshKZlVFHQrMjOnfvZRDBoNgFO8DhprsRHGsJ5BPnMHhNUhMg==
flyin.css
cdn.thestar.com.my/Components/Flyin/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Components/Flyin/flyin.css
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90767ecb25166ad6de23d6c3c47369b320bc0800c2c52cd814cc49043eb9ecf7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
evw7KHSrtiPtOJ_cB9Mj.lS9SfYJ4IAS
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 03:33:00 GMT
server
AmazonS3
age
321
etag
W/"cacb78daa8eabcadd3288b939abb913b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:07:01 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Fu85uNjoZLcWJJ2rWSfM1ajNdQpEMMTfblBhUrdcRFI8mZVVbf_zqA==
css
fonts.googleapis.com/
1 KB
395 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89c9421ac39490aa9d49852dea53fd6bae0f07639ed1d50b3879b4299e64ca43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:51:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 06:11:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 06:11:55 GMT
times-solid.png
cdn.thestar.com.my/Themes/img/
195 B
582 B
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/times-solid.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1a4b5737534ed3628e1cfac272c9ffb0d3cb070c186b7dc93698f2ad671ac6c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
kAFO.STgsqhnKgaHPEgDJWsM6I..4uJG
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
age
1354
etag
"1e6a99b6d4f0f30e2275083e00cc8aad"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:52:02 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
195
x-amz-cf-id
hNeRaWtUSvfZ5jG7jQkYTMEHmYM5CiA1q72Am0DjKFmnSg20My0UvQ==
Flyin_20210318_1.js
cdn.thestar.com.my/Components/Flyin/
11 KB
4 KB
Script
General
Full URL
https://cdn.thestar.com.my/Components/Flyin/Flyin_20210318_1.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
978b1153b68636a7a174eebaf2eaa694b324794c24b125504d4fe66925d6e453

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
paStmdHs3y5LBSsYHwMQRhv8w6RM2Zxk
content-encoding
gzip
etag
W/"4f184793a238c26f0e6b3b3af6f1a686"
last-modified
Thu, 18 Mar 2021 01:25:27 GMT
server
AmazonS3
age
299
x-amz-meta-cb-modifiedtime
Thu, 18 Mar 2021 01:24:11 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
date
Mon, 06 Dec 2021 06:07:01 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
l_b92l1uWM9tbXpm5ZP9E-2wjBHb1b8BQRlgr16VsXg1A42j8cRHrA==
smartechclient.js
tw.netcore.co.in/
2 KB
1 KB
Script
General
Full URL
https://tw.netcore.co.in/smartechclient.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e00:1c:47d:4bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
402f77a98964e0b600f97d53bb43a7fcf72d6b32d6efbe3f64704fa2fa25044c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 17:47:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Nov 2021 11:29:33 GMT
Server
AmazonS3
Age
44640
ETag
W/"7ac4c322ccc8a3c082d933a3bdf4d263"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
YfLdZsAU7qhP4awTbxxw4rbjni7FPBxu1EG4vl_UcpY57_-kJGJOtQ==
article-details.min.js
www.thestar.com.my/theme_metro/widgets/article-details/
620 B
693 B
Script
General
Full URL
https://www.thestar.com.my/theme_metro/widgets/article-details/article-details.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6df2b3acd9ea4840aae415eff31d7504ffd5cd1735b8cbc0cd7ffc3b3429bbda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 06:35:12 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
W/"5d301320-26c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-id
XvxzZ-l9wxCTY3loYIzfM7AXIrr1C-1F7kEgqH5a5_fcyAz7zG_Rzw==
expires
Wed, 05 Jan 2022 06:11:55 GMT
cachedClickId
tr.outbrain.com/
35 B
239 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00a149fe9401c432f57edaa96ee66b065d
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
X-TraceId
ab3b09eca95c88c50001df936cd74db2
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
43 B
256 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00a149fe9401c432f57edaa96ee66b065d&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&optOut=false&bust=010857698370142632
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
Cache-Control
no-cache
X-TraceId
c67579fc683b2cbeeb84e83adc9906c6
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
client.min.js
api.dmcdn.net/pxl/cpe/
1 KB
1 KB
Script
General
Full URL
https://api.dmcdn.net/pxl/cpe/client.min.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f6328097b88e89b824f66b7327ac9625e7fdb720231b031c89171303dd5c2fff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
age
84625
server-timing
total;dur=17, dc;desc="dc3"
x-amz-request-id
MB8Q2KHMTG3VTP65
x-amz-id-2
qeWo7PQ2Yw5bL7VRUPMA82OY5lzPN+Z6I03nNlhNFUV23RHEl29QWBDzSUJ+46lKBu/hxRbZDro=
last-modified
Wed, 24 Nov 2021 09:47:44 GMT
server
DMS/1.0.42
etag
"ef9fd4ac3739dcc0cf8dcd8e9f0beeeb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
736
timing-allow-origin
*
x-llid
e2e4f06adabead81e41ceb06668bebcf
expires
Mon, 06 Dec 2021 06:41:30 GMT
web_surveys.js
survey.survicate.com/workspaces/40636b6a623c41a574580c19efa630b6/
2 KB
1 KB
Script
General
Full URL
https://survey.survicate.com/workspaces/40636b6a623c41a574580c19efa630b6/web_surveys.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
23e11f5b0c3750f8e72b2fb7ff40dbf55c054bf90d4c8d60a55501f602b5eddc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:54:34 GMT
server
keycdn-engine
x-amz-request-id
12GEEDMKG94AGJ6V
x-edge-location
uklo
etag
W/"715c2627ae5a41fbfd413bc4a9b2dd95"
x-cache
REVALIDATED
x-amz-version-id
vwg1Rcoaxgt4ERalDAk09cbDRtM1qpGR
access-control-allow-origin
*
cache-control
max-age=10
content-type
text/javascript
x-amz-id-2
qOPyn+0HoFh69Tl1AktxWOox/bMUgPV65rLiShyH0YFT27ATtUuM8+45OD+UOseIQjHq0I7OwPA=
logo-tsol-full.svg
cdn.thestar.com.my/Themes/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/logo-tsol-full.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc24e970a499fa71fd78aab5a09370b1021809f75b223ff73cdbc5ccb7366a4d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
ZB2.WLCHfckzpHruIV3tbVJ5i5eMVE7d
content-encoding
gzip
etag
W/"983d389524dd1f83d822a74af679d9fe"
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
age
1542
x-amz-meta-cb-modifiedtime
Tue, 04 Feb 2020 07:50:39 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:52:02 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
vqIT8N4RI8gfKI9qPJKw_IbuBGDEcb9rrW2Jq8tiNMRPKDAxs3XGCQ==
tsol-sprites.svg
cdn.thestar.com.my/Themes/img/
95 KB
26 KB
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/tsol-sprites.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eae04d2bcf8165655a2d164bfaf44ed72b38bef84aefa1f477c273ee3cefced

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
nepKuIFWZLQ.0Tc7GuCPXpFr_VLZlyTX
content-encoding
gzip
etag
W/"f72aac0fbcfab1977790a9027f2fda83"
last-modified
Wed, 02 Jun 2021 06:30:46 GMT
server
AmazonS3
age
653
x-amz-meta-cb-modifiedtime
Mon, 31 May 2021 07:35:08 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:07:08 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
XAgws88XzulokItvKVvry6pIo22H6ut4LDekYFXmTYW2uIe71ymB-Q==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 04:27:49 GMT
x-content-type-options
nosniff
age
265446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 04:27:49 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=388467334571811&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&sdk=joey&wants_cookie_data=true
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
VcbRvv5nriZ5/1NHpN6BjYp4TP5kyhSQOSG10J1WbvgHmDMhX6mcf1nzM++QE+BxKQBcx2X1WVEc3LA5UaCVAg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Mon, 06 Dec 2021 06:11:55 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
segment
api.cxense.com/profile/user/
77 B
693 B
Script
General
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkwua0d67v72s23hc&persisted=ec30973424ff3948df3ac1b786e3d43d71aa5a89&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kwua0d65tcvc6khu%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4558e3a35886ed9f6e0d9242230ffbe9f795276478c9580daeed4124373ac823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:55 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
77
expires
Mon, 26 Jul 1997 05:00:00 GMT
Topicbar-v2.txt
cdn.thestar.com.my/Components/TopicBar/
3 KB
1 KB
XHR
General
Full URL
https://cdn.thestar.com.my/Components/TopicBar/Topicbar-v2.txt?v=1638771115983
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d23794fa9865f81e47215bfd906f6f5cc3851623992a34352e76ca3905e4fce

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
V8hCgdxP5.L3vumOZuV_yNVYgYaQZX00
content-encoding
gzip
etag
W/"a23f7351b718ce487e10795819a9a16a"
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 30 Nov 2021 07:31:32 GMT
server
AmazonS3
date
Mon, 06 Dec 2021 06:11:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
text/plain
via
1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
cache-control
max-age=180
x-amz-cf-id
4DB6s0eIggJs_X9qWvxcPQBAvP7CqXFMdnMTic-IMar-3auBr_wMNA==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 08:02:57 GMT
x-content-type-options
nosniff
age
511739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 08:02:57 GMT
prebid
ib.adnxs.com/ut/v3/
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7492227263c88aed04de04ba81b411844b8301ced1bec61a2c273886ea20ad9b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:56 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3044b064-b421-4fe9-938a-20b35d6c2de0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fontawesome-webfont.woff2
cdn.thestar.com.my/Themes/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdn.thestar.com.my/Themes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Origin
https://www.thestar.com.my
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
ZzJSZtVVrlqTf6sRJI1XVNyPPupEdB22
via
1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
etag
"af7ae505a9eed503f8b8e6982036873e"
age
2741
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
77160
last-modified
Thu, 01 Oct 2020 02:18:02 GMT
server
AmazonS3
date
Mon, 06 Dec 2021 05:27:07 GMT
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=606000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
xSQcRTdWKNklW6Yir-tY0i0uVEJty63qJ05fuLoZSP5NitjCq8Psdg==
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.thestar.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
505 B
285 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=4325082168681013&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Tech%2CDesktop_TSOL_Tech_SP_Mid%2CDesktop_TSOL_Tech_SP_Mid_STO&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ists=1&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie_enabled=1&bc=31&abxe=1&lmt=1638771116&dt=1638771116026&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=278&adys=447&adks=3331052271&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x25&msz=0x0&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3a1a5eab94a09501c2ad8e7927a34690cdbb6c56c181a3e28c54f60643b73a1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=3547102570009167&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_AdRefresh&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie_enabled=1&bc=31&abxe=1&lmt=1638771116&dt=1638771116030&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=172&adks=1690029205&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1x-1&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3c080360ae620ced973c2d0da05a920661d78b5dd5aaac6e0eb7a1f1e0b579b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8654
x-xss-protection
0
google-lineitem-id
5621370612
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374153998
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CEE0
6 KB
4 KB
Document
General
Full URL
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 06 Dec 2021 06:11:56 GMT
expires
Tue, 06 Dec 2022 06:11:56 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1394586.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/
121 KB
121 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/1394586.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
663ab3f00bf72950de2d95107b96498fdf6e00b040e3749155996fdce8790c17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 05:31:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"fc1d307ca047dc77f43fadf203416879"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public
date
Mon, 06 Dec 2021 06:11:56 GMT
accept-ranges
bytes
content-length
123499
x-amz-cf-id
eaHDiy8fi7lv3NRT3CBoj9WLl6KSGvBPS-5Qj8-Ipx6lMVM-3v1ksQ==
expires
Thu, 26 Dec 2030 16:00:00 GMT
ptag.js
cdn.adbro.me/
Redirect Chain
  • https://tag.adbro.me/tags/ptag.js
  • https://cdn.adbro.me/ptag.js
108 KB
32 KB
Script
General
Full URL
https://cdn.adbro.me/ptag.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d41cc785e9d0a923e48b68893f44b38ce41495f60b6c920335a0699630d6e0ae

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
11045
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 02 Dec 2021 14:39:05 GMT
server
cloudflare
etag
W/"80a105b8ae7d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-polished
origSize=141356
cf-ray
6b935c1518245a25-MXP
cf-bgj
minify

Redirect headers

date
Mon, 06 Dec 2021 06:11:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://cdn.adbro.me/ptag.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6b935c143f495a25-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
yxqjjgye.js
tag.adbro.me/configs/
2 KB
1 KB
Script
General
Full URL
https://tag.adbro.me/configs/yxqjjgye.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5679829f522dc480fb97c0936ebf61581c20795cad12c388c6928e43e21066db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1414
cf-polished
origSize=3067
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 01 Jun 2021 08:57:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
3b0f2e2c-001e-0005-0bc4-56cae9000000
cache-control
max-age=7200
x-ms-version
2009-09-19
cf-ray
6b935c143f4b5a25-MXP
cf-bgj
minify
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/
343 KB
135 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Origin
https://www.thestar.com.my
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 11:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137335
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 05 Dec 2022 11:31:32 GMT
1394599.jpeg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
8 KB
8 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394599.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9868fb532b076c8c0ccd10e76ca31cd0baf006b9abf0580d8c40cc08c5d4af20

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:02:39 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 05:47:45 GMT
server
AmazonS3
age
558
etag
"3dcbc05d9966231d5fcbf47913a88e63"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age = 31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
7980
x-amz-cf-id
qGrdlraaWmqugUnd6HBIFtCqqbnmul_iujhRXNpSc8YU62Txjz1vig==
1394555.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
9 KB
9 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394555.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5f651c373eb4e965f1231f92b984fb7ff11233c8f2148b36116fc2bf95f32e3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:50:32 GMT
server
AmazonS3
age
1193
etag
"e783d5ee3d1b4fd4aba97c8a1191608e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
8835
x-amz-cf-id
zIRNnYKdNLgpl20tYUw7jUG3LL4kQ4alPaesxY7R4UuTSGT2E6bzFQ==
1394519.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
9 KB
10 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394519.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acc7aa7159635dd9eab73254844a50eaa96dc1e212d84b8467c4369a265d3b81

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:21:50 GMT
server
AmazonS3
age
1193
etag
"70077c53ebda90a6e8b4b84a4f652523"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
9590
x-amz-cf-id
cw8I0TF9yGVplW2yuqtASsJ8ptnwK6EeMbUHARL141T9Ej6h24kc2Q==
1394510.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
9 KB
9 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394510.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68af7f7aee4d567b6795b63bd542fb1db8dbc0159b72d406c0586fc1b950804d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:20:08 GMT
server
AmazonS3
age
1557
etag
"0026e7c01bd7404b800d5462e170b62c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
8869
x-amz-cf-id
QyqBe_JfeP4PPUpqpEPtTSXBPuj3JXkr_saeSkk54lv9zrlYagMUww==
1394242.jpeg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
7 KB
7 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394242.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
528c628dbd031227f5c18079f4a56caffb9ff2b9308fe64d7464d0211f5374f6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 17:57:32 GMT
server
AmazonS3
age
1340
etag
"5bf6c89184dbe024f5e734b9fbcb9de7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7066
x-amz-cf-id
1w4REZfIOe0b95tGkzWU_NCnDYHU1PYd_Yw6NBqJXLwOcyoGulP0CQ==
1394235.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
6 KB
7 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394235.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b08e6c2a6d110648a9c41b88b373b187f8565ebccb7a785d1f8aaffe49e9e19

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 17:19:50 GMT
server
AmazonS3
age
898
etag
"001c02e165c79fcb4979d66c43508048"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:59 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6483
x-amz-cf-id
hIOCtH4JW8RnuYt4sJANE2Z3fVsMd1EGMexN4D2N1HEQGeXefIbEzg==
1392159.jpeg
apicms.thestar.com.my/uploads/images/2021/12/04/thumbs/small/
4 KB
4 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/04/thumbs/small/1392159.jpeg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a39337477e6517ba860468256878100735c32f2c10023e05ec547e00b5a3fa6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Fri, 03 Dec 2021 22:34:43 GMT
server
AmazonS3
age
898
etag
"4a29f4b7efc4ccd971882ed298ef6aad"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:59 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
4062
x-amz-cf-id
WEYdj0dxIhGpHWsv7gPHf0_-LBHOz3BZVahC3_WawQi827WMFKLfnw==
1394104.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
8 KB
8 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394104.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a8d9deb2f6c627e8dcdebfe454788b84c8b80d2fc6f8d1c5c6d3145921956ca

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 16:10:13 GMT
server
AmazonS3
age
898
etag
"792500df358e80868f557b3084806d71"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:59 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7788
x-amz-cf-id
j98CR5EDJQsCBhEmWhz8HYvnkEBUpeOgA5njIBigGrNlN4zjR61RTQ==
1394350.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
8 KB
8 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394350.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74059d8123198fcfc5ca7622fcd47d6077d1dff573b36bd37bd92bc57298f828

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 00:39:21 GMT
server
AmazonS3
age
1193
etag
"33f242365d27918845a30548007b305a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
8078
x-amz-cf-id
FdJTCac24uiO3D70TOgTrYTP7hSCTZKueocTw8DneD1qdhnwZZ8iRA==
1393937.jpg
apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/
5 KB
5 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/1393937.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a81534ccf81d8b26a26b07b3a7335dc583d7a0fdde639ef2dc768a1aa1799d25

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 15:15:52 GMT
server
AmazonS3
age
898
etag
"47520d1474f697d396b13601517b53a6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:59 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
5138
x-amz-cf-id
vGv79lfVYuFsGUw13efiI1FxCc8z9OI0WSHzkIyJwV6nT0AQoHI6cw==
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com.my
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 09:35:45 GMT
x-content-type-options
nosniff
age
419771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 09:35:45 GMT
prebid
ib.adnxs.com/ut/v3/
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
739055135bbf490ef9967201e81e84a8917bfa8dbdac6c7022fff950bfb47917
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:56 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
20acba68-62c7-4d56-9726-2d1af16b8906
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=1399129971490686&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Tech%2CDesktop_TSOL_Tech_SP_Mid%2CDesktop_TSOL_Tech_SP_Mid_Slider&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie_enabled=1&bc=31&abxe=1&lmt=1638771116&dt=1638771116075&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=180&adys=3871&adks=3605845109&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=820x0&msz=820x0&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3117a7ba625ae0dd6868ae3b835180238def98ec3386d8ea7ef152245b55e742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8969
x-xss-protection
0
google-lineitem-id
5529441009
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345474143
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1389882.jpg
apicms.thestar.com.my/uploads/images/2021/12/02/thumbs/small/
9 KB
9 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/02/thumbs/small/1389882.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a73b7af07e739f75e57f3b3a8925f73c8ea24e7c0cb92bae0f38408229e5f39c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 08:33:28 GMT
server
AmazonS3
age
387
etag
"ec09f834ba0825eca16da254084cfad5"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:08:02 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
9012
x-amz-cf-id
ds6-xOLsXJQ83Do65stoEL5-5LG1NuQHhiiFYiKJ6zuFpr5uFGP0nQ==
1392101.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
6 KB
6 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1392101.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e904f4815baada34656973f1043e230bb0f363ed65fb919cf2120a034875560

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 16:54:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"1a3863c1d1cd1ba31ec83a2ad0728916"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:11:56 GMT
accept-ranges
bytes
content-length
5760
x-amz-cf-id
kcBehKy_zzHhD20OvSIS0-AnJukMiLp733RG8eFRGDV5OOCJBOhLcw==
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7c4ea21aa9230e2365c82ceb7f2bbb00d18f0ebb1412a6bc66a8c71323e1c8b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:56 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
65876ead-4454-427e-a860-ff6b8c9730ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
326f46040295b7bed5241d373bdb5f58d097ca13fac9f6337964357a082c2a35
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:56 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
abe23fe3-11fb-4196-b844-12a67a926855
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d3d3LnRoZXN0YXIuY29tLm15
tcheck.outbrainimg.com/tcheck/check/
16 B
464 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LnRoZXN0YXIuY29tLm15
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=19241
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
3f818d3618a88d5b420a6d9438c54f6f
Content-Length
16
Expires
Mon, 06 Dec 2021 11:32:37 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
341 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=5.754927315527935
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 05 Jan 2022 06:11:56 GMT
1394434.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
6 KB
6 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394434.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da22428a5b5d2666e5071afdf138ed28badcfc4e2454a8a4dde2f19fd8cadada

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 02:55:46 GMT
server
AmazonS3
age
709
etag
"17bcd2f0cb8fd72af7e2a9638172f5a3"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:08:02 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
5969
x-amz-cf-id
ESnWn-ZA83ezbu-UDvoCI_mDwOF_BrFXW8NXL8O088oQt0YtyUU6ig==
play-icon.png
www.thestar.com.my/theme_metro/images/
835 B
1 KB
Image
General
Full URL
https://www.thestar.com.my/theme_metro/images/play-icon.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
42ba00577dd09005be874a620fec2c0c9bef0a72ccf4ae82337f8fbb1de0a7ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Dec 2021 06:11:56 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jul 2019 06:35:12 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
"5d301320-343"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
835
x-amz-cf-id
yOg3le32h7k5s00pTUAkxGYYvQtGN-goWFo2R_eQ2MOvvnaFVAJKxA==
expires
Wed, 05 Jan 2022 06:11:56 GMT
1386898.jpg
apicms.thestar.com.my/uploads/images/2021/11/30/thumbs/small/
9 KB
9 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/11/30/thumbs/small/1386898.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e96bdc1023e254eb8df1614b1e60f49da6c3569c146505d2de7c10fa8359bede

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 04:07:30 GMT
server
AmazonS3
age
390
etag
"e8f1925e2a9057318804fe23e470386e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:05:36 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
8784
x-amz-cf-id
Fk5s9vBRmXMSGMA8E3HVdqS4PgS5G3FAW7mThzV3CXYAL2w7A_XNAA==
1393685.jpg
apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/
6 KB
6 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/1393685.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc7ddb48baeb09e5268d9ddbb27b5cfea676e41bb8b20d7430162595a2f7e762

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 09:20:11 GMT
server
AmazonS3
age
1713
etag
"b0e1a4d4087cde95b21eca6f21de5f64"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
5824
x-amz-cf-id
w4lQ0WcN8_Y3v7epbeuHhWC1NhdJmLgjHsnOkLMBTF8HOUIyHTbRHg==
1393864.jpg
apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/
11 KB
11 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/1393864.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5150dc4a5f7d50db58294826f36cb09c1c049415fb8a217b5179c0906efbf48c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 12:05:32 GMT
server
AmazonS3
age
961
etag
"1e4bcb4ac60b8d73abf3744748e037ab"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:08:02 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
11140
x-amz-cf-id
g35PeWjD2IxnjAqMimsrOe-SPPIPPnMDmZRLR-jSK0F4DmJUIqs6tw==
1394578.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
10 KB
10 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394578.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9efee46369fbd12a860cb46e422648e616c076cd46f37f2afc3829426269a7d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 05:17:39 GMT
server
AmazonS3
age
1193
etag
"10ae5e7bc5f258a6611c9b7e408f89ba"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
10062
x-amz-cf-id
Elm6PbLLRAoHQXP4DhfMDI2__EyPC9RaMjcDcFReFGK_SMzL3xJzuQ==
1394086.jpg
apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/
5 KB
5 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/1394086.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a27cf029356c4c26244522c419c54964a8c99be53c901ac04ae7d55ce3576ce7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 15:29:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"ce49908fd124c3da5a91132aa49747f0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:11:56 GMT
accept-ranges
bytes
content-length
4879
x-amz-cf-id
H9HsLXw-H-GFPSrt8zgz8PvYt1tPgcASGwRFK5sEQY8G4DO-Q_hCjw==
1394477.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
7 KB
7 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394477.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3927ded96fc064b744009d5f1d0cbb5e64e7279b972428967a0f0038f558bde8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 03:36:42 GMT
server
AmazonS3
age
1681
etag
"0ef9e4323bcaef35ea750a24510ef400"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:57 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6907
x-amz-cf-id
Fwtruc5oPswjPI4huDVIcOdUyKQvmDL6y0BaeWn14RO4aRRb7Jre8A==
1393812.jpg
apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/
8 KB
8 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/1393812.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b337ee06c0e848fe74da72c0315aeb97849bf74282d08763fb5e59a7f2b8202

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 10:44:14 GMT
server
AmazonS3
age
950
etag
"4d909972e5047bb5439047d3f1ef93d1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 05:56:58 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7970
x-amz-cf-id
ITqvm7tmzEFRRDFylsA5ZCVZ1dGG9w_4NNmStg8E5Vxe-1yuovVqZw==
1394304.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
11 KB
12 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394304.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e001c17fec4c77216fcec0b2dc56828c2dbc46711a4a082c7c047249f9bcaced

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 23:50:38 GMT
server
AmazonS3
age
387
etag
"419bbaf730b4d41d9c4a5cdadf95d764"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:08:11 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
11430
x-amz-cf-id
BM2IauhXIKGkyBSpcJ_jw2cYNCcqb7GldTiPMX1f51MjoOQiWvfKPA==
1394174.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/
10 KB
10 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/small/1394174.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95c99406ed917af33a051c1dfb42b552dc255d1e1a84db2c63911aae9ed8dfee

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 16:08:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"8f45b4dc4989e333ca6e71b823ffc868"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:11:56 GMT
accept-ranges
bytes
content-length
10009
x-amz-cf-id
BYSFAeKd6DMYc8dmq5fbZH089Ou_HwNK4IH07At8lQ_IZY16UgUFGQ==
1393722.jpg
apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/
8 KB
8 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/05/thumbs/small/1393722.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
520b16a4f232dc9ba5cdf6f4cdf27cb8f79e912c01ec5c04bdfa30a1f71b289c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 09:42:39 GMT
server
AmazonS3
age
224
etag
"acacc64138459172a877578778088ca3"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:08:13 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7952
x-amz-cf-id
a3EScHxdb-eQQohRnDXpiOKG1t6CIFXsU3XsQ0ztld4OCL6G0vqing==
Branded.txt
cdn.thestar.com.my/Components/Branded/
4 KB
1 KB
XHR
General
Full URL
https://cdn.thestar.com.my/Components/Branded/Branded.txt?v=1638771116126
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b09cf331a7fe109687ce1477d0a3a62540207f298748676cefe505b1bd6977e3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
u_tisdAxxoL.G1PHcNwaufIEEDbrpzl7
content-encoding
gzip
etag
W/"a0bd932299c3f20b04bbe6b78051cfa1"
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 06 Dec 2021 05:59:06 GMT
server
AmazonS3
date
Mon, 06 Dec 2021 06:11:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
text/plain
via
1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
cache-control
max-age=180
x-amz-cf-id
lVVPZze48RcwQplQXrBcEUeuRuQofuDQT1TvdFUa9D6f0kzVB7lNUw==
loading.gif
cdn.thestar.com.my/Themes/img/
2 KB
3 KB
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/loading.gif
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eba3a9df23af26c6d75b298846b3f2163d63b1df3d611976bb7e122a52a3148f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
xRJEYV6_wc4C_AlOpixHYaiHp1QK2B60
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
etag
"67eb63b57910a3c89f76495f47a45f9f"
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-meta-cb-modifiedtime
Tue, 01 Mar 2016 08:40:05 GMT
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:11:56 GMT
accept-ranges
bytes
content-length
2536
x-amz-cf-id
GJ9FudcDR0Vmr5tv0WV2JXIDWPGuWKcC5_deRJZsbmw0TKz0evwWKQ==
ads
securepubads.g.doubleclick.net/gampad/
78 KB
26 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=3349132554338444&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_Tech%2CResponsive_TSOL_Tech_SP%2CResponsive_TSOL_Tech_SP_ATF%2CResponsive_TSOL_Tech_SP_ATF_MiniRect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=300x250%7C300x100&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie_enabled=1&bc=31&abxe=1&lmt=1638771116&dt=1638771116132&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=1035&adys=4323&adks=3995825057&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x0&msz=370x0&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=420&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c7178acd38cffa906122dc6628f92ad892ba8fafbd11c23806226417e294ba50
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvh_pHCzvQCFb-FgwcdwlYGsg&gqi=&layout=/sadbundle/%24csp%253Der3%24/261053816168775680/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvh_pHCzvQCFb-FgwcdwlYGsg&gqi=&layout=/sadbundle/%24csp%253Der3%24/261053816168775680/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26878
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 06 Dec 2021 06:11:56 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D11C
79 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4b8ada87f6e9500e167b6afbc808f611d85788ae0b1119f75c5e2a3939480b04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1064 / 973 of 1000 / last-modified: 1638572771"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26977
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Dec 2021 06:11:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D11C
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:56 GMT
subscription_footer.aspx
sites.thestar.com.my/tsolnewsletter/ Frame B692
3 KB
3 KB
Document
General
Full URL
https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.228.188.75 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
dbc856f89aa2ee82e83af6db3313a50c73303578d3d66dccbe06b619be0500bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

Cache-Control
private
Content-Length
3062
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
Date
Mon, 06 Dec 2021 06:12:55 GMT
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
273926
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19182-FRA, cache-mxp6956-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b935c14f9075a07-MXP
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
42 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3576302
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19147-FRA, cache-mxp6927-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b935c14f9035a07-MXP
view
securepubads.g.doubleclick.net/pcs/ Frame 0B99
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa8IGW2qgF0IpEeC6q5-11tnEhI1uLKH1ZSN0vY-pOALVJHWW0xkJl27EQuvKXPDGnR0YXRAYLKcVe_V6fwuD1GVOhc95NlPFubcpkGQ4uJThLeyVHB5PqFIoC9PR2KDzj3kidl85CaX4hREV1khaC2oPpXFOMsieybj-4CtX8m9uki6uHNgzbwlQhBo-kUExU_S8t1SHrnaWsAYpTpUKLL0SLBHDro-dH6DibEzuFq9gj6Wf_CVBZ87sjOnbBp9t6f92yhPWRydQBa4a-IQxusL6E8vVUUIOvQwhH1-SMKDDpznvOeBpPlgPUW2NVRRSA7MO7gV_FF19kNWb5v7M_sBgQ4yOQje9p1xaYTDy3wUxWAptm7n22aBHqYLwhj94IvWgqVE_5TaH39rOflK6zuoOKNj4Gj9zdRKI8Pdkzbuqdmp0&sai=AMfl-YTwQKzN27hzt0Q3MRAF13mPhFlpqjR12svFICopMEsDUIwRY-EbD6wb-m2Faci15eDcE0w4SBIPvEu3eZWY60FDB6PiBAOwuJdku7lM1KTs54UryOMKSr1SSa1iFBwJ&sig=Cg0ArKJSzCFjY4vwM_KrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:56 GMT
thestar_11272.js
ads.vidoomy.com/ Frame 0B99
5 KB
6 KB
Script
General
Full URL
https://ads.vidoomy.com/thestar_11272.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
2ea3631e4df491b93c574d3863a4b2ba9728392c7f1b702e28bd4eee5abb2aae

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:56 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5391
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B99
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:56 GMT
1394321.jpg
apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/large/
42 KB
42 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/12/06/thumbs/large/1394321.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c192c4ae04c34ef69988daef84fb7daa3a8a427c68a7bea5bc001d7c8d24f05

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 00:24:19 GMT
server
AmazonS3
age
613
etag
"8c90cd556aa11d5f8305f26b9e8f47e1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:06:55 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
42515
x-amz-cf-id
L5lTzIX0RUM2GKxI3_XHibDYLD_k0GBqnIQ9pTuWnI4f6vSljEstOQ==
1386898.jpg
apicms.thestar.com.my/uploads/images/2021/11/30/thumbs/large/
44 KB
45 KB
Image
General
Full URL
https://apicms.thestar.com.my/uploads/images/2021/11/30/thumbs/large/1386898.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6730e2dc065ea4a645d075baee29915d96a90c17a8f72e6764b9641c8e166f21

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 04:07:31 GMT
server
AmazonS3
age
501
etag
"af5b4cd0f3a6088074ab815b42221b72"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age = 31536000
date
Mon, 06 Dec 2021 06:08:11 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
45386
x-amz-cf-id
hg7isxSbSJdGPZ_RmBico5w5vv5pSxMhGI8eonzVGwzOpGYoxRMTxQ==
view
securepubads.g.doubleclick.net/pcs/ Frame D11C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEXds2KoSdU5tFQLmeN_9_UMvoeHCALDuKUGUp001VITBK9aIfZVc1t0Ch3WNwyVR5h58cxS78cDeWXOpaMgoltm9oMqp9Glhg7dyD2oA4Ry9YTJtEQ7yFygnhCs1W-k2R5Kp1S0NJUxCTdv2cvnT_DDEkkOOVFCGXMVzKjci6M76wO-h3BD7XB9BTH5xUze1OYRvi4W9ZeezXGhjfKMrUJSUcWXkLVQ4dBMhRHqOy5YecvmbVLmnosLCjzVd74wnrvFBCbKwwQJwpB7Q9lmbXh-IYw1OMsgPQFTEn7F1izwJxflU3MwWMW3F_vyKn_1I3L2OFVw2GQtHUHErgttbFOJu5bBoVMdXrwzkpYVxzcqE56EXyWw&sai=AMfl-YStkiHiv3JDCOZS-Gt1HAo2_kT8AedkniC0jfws0pCYI6HMq8TeX2UwEDeiftf6w3ShdC3TeAduVtE6cmlq6ghVHmh0mfIjhR-bWX-nplmBkG1NoguPWqu30EITf75L&sig=Cg0ArKJSzEv4FF3Eq6bGEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:56 GMT
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
eb4bc33283e00e578d8f8d8244f12a504c5473252c6280a17e76ba157000354b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:56 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
387fe1df-1eda-4db9-9e7f-57c7e460dd80
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
home-grey.svg
cdn.thestar.com.my/Themes/img/
1 KB
947 B
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/home-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
270c56cdecd7bd45eb74a011b460b48fb1b068cc527fa8dc8581cd03b8fb3e7e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
iKT.5yejZvc4POdV8Tabe7aj6JXaFYKH
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
age
2936
etag
W/"2f089abb1a815b7573aee61676ce494a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:23:01 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Dqf9h2XWg9if0o53AOFpMrZzfZVFj-46U9b34kWTolYIZ4fDOVHNEQ==
for-you-grey.svg
cdn.thestar.com.my/Themes/img/
3 KB
1 KB
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/for-you-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7de862c78c063457dd1efecec6a0e18a101a1f1c6004ab1ee5e4a47fb30ad70d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
w7MOlogLTHynNMKz5HAzX7B5N2iAIrp0
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
age
1569
etag
W/"022db165b3c8a0fd90abf412efca1e65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:52:03 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
z7sNVIGHyIm8x2ZhoTx0UszsPlixBix-b7OwH24MCGv1EY0mB1hNbg==
bookmark-grey.svg
cdn.thestar.com.my/Themes/img/
430 B
821 B
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/bookmark-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
824108d6942edfd5d4eb473c8fb180227e21f6c8c6e9590579d2e6371091eaa2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
pAG2hmmE51fnq5Xp99Cla7Tf29NT6Exq
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
age
2416
etag
"bce4e380fa2100c507926b4c875ef156"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:33:53 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
430
x-amz-cf-id
55Zs5PJWVK1wkGOMRtfqWzjzlbks9wSyCfcP_kLmC_xJWwYOnek__Q==
podcast-icon-grey.svg
cdn.thestar.com.my/Themes/img/
1 KB
917 B
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/podcast-icon-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83fdcf272f1b3595e9fb6ff516c1d97f525ba9bdb405f1d1396111ea21f2fa20

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
lRDIEQegUr9xjkZKhFx9S7_qrf4WmSsn
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:15:06 GMT
server
AmazonS3
age
613
etag
W/"cc05c46b7da9dbf62a65266a55f0476a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 06:07:11 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
z_hxnTTB60J8meLvz71Ituxg0rl9bYkFL1bI24AH8IZTknGSti2h9A==
search-grey.svg
cdn.thestar.com.my/Themes/img/
882 B
1 KB
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/search-grey.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8fe0a5fd8c54e4deed0515142cc5269fc5709e07974a99399a0cb5d53477004

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
AuwJ7QRx8vivVMdQpCg5ZY2WKboXLadY
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 01 Oct 2020 02:15:06 GMT
server
AmazonS3
age
3350
etag
"471e3523d499fc268cdd78c32c7b4cf9"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:20:26 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
882
x-amz-cf-id
wmyGs4pagL3lLfl056cULY8f73MwnhZV0jsrjbDxEL31DRJE8itjsg==
ads
securepubads.g.doubleclick.net/gampad/
91 KB
29 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=3079293437499364&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_Tech%2CResponsive_TSOL_Tech_SP_ATF%2CResponsive_TSOL_Tech_SP_ATF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie=ID%3D4b2b8571e11bbc64-22796dc645cc00a4%3AT%3D1638771116%3AS%3DALNI_MYSCTbLDZ-QvjR7PGBkIHTneKvKuQ&bc=31&abxe=1&lmt=1638771116&dt=1638771116284&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=1070&adys=241&adks=3194759617&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_PH8bLDJn5GNdkPg2aYyw12GQ86EF_SyisWs3G4E8ljjeSbc9l4-LRP1UFal1PsAqohMTkH_Ynd1Flnu8l9l3qLmKbV2DAWqh-rHazx8-KiA%2CAGkb-H9mnEPkQKVABl-tJUNAUqhWEVxJqcAsBJBNSC_oh0NGqqVmb2XYYv5VJqePAAFXyZwr9DpVSRipSwDOmfZ9rviQXRt7ye81iOj4KIX0exRe&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=420&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3d0183bdacfc8e0bfba4b0c8150db35953bfc1b94c14d2946e075b9ae1e0626a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPCNiJLCzvQCFRqodwod1VAJHw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7762759255349788672/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPCNiJLCzvQCFRqodwod1VAJHw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7762759255349788672/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29446
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 06 Dec 2021 06:11:56 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
78 KB
26 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=3328900710521253&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Tech%2CDesktop_TSOL_Tech_SP_ATF%2CDesktop_TSOL_Tech_SP_ATF_Megalead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x90%7C970x250&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie=ID%3D4b2b8571e11bbc64-22796dc645cc00a4%3AT%3D1638771116%3AS%3DALNI_MYSCTbLDZ-QvjR7PGBkIHTneKvKuQ&bc=31&abxe=1&lmt=1638771116&dt=1638771116286&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=167&adks=383088598&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_PH8bLDJn5GNdkPg2aYyw12GQ86EF_SyisWs3G4E8ljjeSbc9l4-LRP1UFal1PsAqohMTkH_Ynd1Flnu8l9l3qLmKbV2DAWqh-rHazx8-KiA%2CAGkb-H9mnEPkQKVABl-tJUNAUqhWEVxJqcAsBJBNSC_oh0NGqqVmb2XYYv5VJqePAAFXyZwr9DpVSRipSwDOmfZ9rviQXRt7ye81iOj4KIX0exRe&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
0c679e0b86729bc2dcab3c8a082733241b3b9247944a9818db66eab3b3a35e60
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CODzh5LCzvQCFaQQiwodxOgOgg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8041232346273284096/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CODzh5LCzvQCFaQQiwodxOgOgg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8041232346273284096/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26816
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 06 Dec 2021 06:11:56 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1638771116299&sessionId=b6ff5ea4-0ab6-2a9d-0b97-a6aae5530822&url=www.thestar.com.my&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:56 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8d8bac461637f5846d1c92a042cb7052
Content-Length
4
Expires
0
cx.cce.js
scdn.cxense.com/
22 KB
6 KB
XHR
General
Full URL
https://scdn.cxense.com/cx.cce.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 14:49:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5864
Expires
Mon, 06 Dec 2021 07:11:56 GMT
config.min.js
cdn.thestar.com.my/GlobalBar/
13 KB
1 KB
Script
General
Full URL
https://cdn.thestar.com.my/GlobalBar/config.min.js?v=20210824
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c6f45467304d598dd713c1f2efae51dec6b7a5cf1b0a4c1dd7fb19f91a1a9b0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
Bfkbu5QR.J4Ukzo4Nyc_ohF_n4VKMPWZ
content-encoding
gzip
last-modified
Tue, 24 Aug 2021 03:08:03 GMT
server
AmazonS3
age
79737
etag
W/"0b2fd302f4aa64810a6329e06300d884"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
604800
date
Sun, 05 Dec 2021 08:03:00 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
rz3SCJk41qGFweOqApiFrZeHGWUZLGy1b9CgPTRh0unL3lIcn4AXzQ==
bar.min.js
cdn.thestar.com.my/GlobalBar/
18 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/GlobalBar/bar.min.js?v=20200703
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47269f8f454fbfd295cbae0bc19f51ba58c6a1511f4f7265f273b2fd912484f3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
fb003RZ_zGqi_3Iz5DBNjpr3fqYvMiS4
content-encoding
gzip
etag
W/"6df4e7b47257b431d12ae501b0983903"
last-modified
Thu, 01 Oct 2020 02:32:16 GMT
server
AmazonS3
age
474418
x-amz-meta-cb-modifiedtime
Wed, 04 Mar 2020 09:39:04 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Tue, 30 Nov 2021 18:24:59 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Xeg7iTd9UHiJ8PjnyD7LjFsfdgbvU7dZz241AhkFGykCqcM0GigI_A==
ads
securepubads.g.doubleclick.net/gampad/
47 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=1560722284278969&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Tech%2CDesktop_TSOL_Tech_SP_BTF%2CDesktop_TSOL_Tech_SP_BTF_Lead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie=ID%3D4b2b8571e11bbc64-22796dc645cc00a4%3AT%3D1638771116%3AS%3DALNI_MYSCTbLDZ-QvjR7PGBkIHTneKvKuQ&bc=31&abxe=1&lmt=1638771116&dt=1638771116310&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=226&adys=4309&adks=2620042198&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_PH8bLDJn5GNdkPg2aYyw12GQ86EF_SyisWs3G4E8ljjeSbc9l4-LRP1UFal1PsAqohMTkH_Ynd1Flnu8l9l3qLmKbV2DAWqh-rHazx8-KiA%2CAGkb-H9mnEPkQKVABl-tJUNAUqhWEVxJqcAsBJBNSC_oh0NGqqVmb2XYYv5VJqePAAFXyZwr9DpVSRipSwDOmfZ9rviQXRt7ye81iOj4KIX0exRe&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fe7e190183a9ec401b584644379982b748ee0f5f771a8e4b3be9f1a6257735db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19431
x-xss-protection
0
google-lineitem-id
5622290324
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347159734
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021113001.js
securepubads.g.doubleclick.net/gpt/ Frame D11C
348 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119680
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 13:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Dec 2021 06:11:56 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.thestar.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
19 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=2851856865139533&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_Tech%2CResponsive_TSOL_Tech_SP_BTF%2CResponsive_TSOL_Tech_SP_BTF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie=ID%3D4b2b8571e11bbc64-22796dc645cc00a4%3AT%3D1638771116%3AS%3DALNI_MYSCTbLDZ-QvjR7PGBkIHTneKvKuQ&bc=31&abxe=1&lmt=1638771116&dt=1638771116342&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=1035&adys=1462&adks=1683362303&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x0&msz=370x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_PH8bLDJn5GNdkPg2aYyw12GQ86EF_SyisWs3G4E8ljjeSbc9l4-LRP1UFal1PsAqohMTkH_Ynd1Flnu8l9l3qLmKbV2DAWqh-rHazx8-KiA%2CAGkb-H9mnEPkQKVABl-tJUNAUqhWEVxJqcAsBJBNSC_oh0NGqqVmb2XYYv5VJqePAAFXyZwr9DpVSRipSwDOmfZ9rviQXRt7ye81iOj4KIX0exRe&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=420&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f6fc4aaef7df4e92be26cdbfdc377700ffc5d82d80c63ec74b2b82e00bd6040c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9014
x-xss-protection
0
google-lineitem-id
5401583275
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138316820235
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
home-red.svg
cdn.thestar.com.my/Themes/img/
1 KB
950 B
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/home-red.svg
Requested by
Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c88db5fef86344acc9f5a2df7e9c9b882fdea254e01b7a7ca6e0659f5895a21c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
KZWSU2EI3njfvx4j1TIh_Mn4THsKY6Uo
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 02:15:05 GMT
server
AmazonS3
age
1154
etag
W/"3ec8ad3cbc1fc0de9ce3d5ac429dfb77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:52:57 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
meN-9BrGUvN96KIflZc-LMA-KFS9UWhWuoMDwoNP6gA5c3knd1nWwQ==
gtm.js
www.googletagmanager.com/
174 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fc10a0177174d74db7bda54fb15df5935ec60190569404b117540893591b1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51598
x-xss-protection
0
expires
Mon, 06 Dec 2021 06:11:56 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-28.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 07:34:23 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
96012
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
DpsuNwxxnILw4ZfocrQ_henTfbrs1aUwlYsKSTwAhoqXV4cyntuP4Q==
js-versioning
osjs.netcoresmartech.com/v1/
239 KB
64 KB
Script
General
Full URL
https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Requested by
Host: tw.netcore.co.in
URL: https://tw.netcore.co.in/smartechclient.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
443c99709775a9adc404bab4873ab8dc0cc51fcec7427c36b1981f596345a0de

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 10:03:27 GMT
x-amzn-requestid
58283280-2559-4be0-b224-a3fb7aeb4ef5
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=273146
x-amzn-trace-id
Root=1-61a899ef-5406c35434109e4759c41dbf;Sampled=0
content-disposition
inline; filename=smartech-sdk.js
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-amz-apigw-id
Jtz9aGPjhcwFqEA=
content-length
64804
app.min.js
api.dmcdn.net/pxl/cpe/
63 KB
19 KB
Script
General
Full URL
https://api.dmcdn.net/pxl/cpe/app.min.js
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
8fb6a3fed795d18c97e59795ac6fe8f7d4ad804e2844b9129d562d94b06f04fe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
age
84625
server-timing
total;dur=20, dc;desc="dc3"
x-amz-request-id
TY5GXVD47N8ZPHDV
x-amz-id-2
aa3BQF9S9z9jKJ4yIpy9Wju5NmxnsxVLyZ2aRxmzalQXEKHQnZLoTIJPUzxRIukG99pbUakjBy0=
last-modified
Wed, 24 Nov 2021 09:47:44 GMT
server
DMS/1.0.42
etag
"71ea3dac5743ec86f436a091fcfc3deb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
18563
timing-allow-origin
*
x-llid
e2144b8b3f297b70fa1bd96a3ba3755b
expires
Mon, 06 Dec 2021 06:41:31 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5dfaeb0face4ad17/
4 KB
955 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5dfaeb0face4ad17/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4d194bc24a9585caa944053add27041d47a22913f8891aa843488e9369cdee9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
etag
248765760--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=13, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
780
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=61ada9aa5aed0ee8&bkl=0&bl=1&pdt=2767&sid=61ada9aa5aed0ee8&pub=ra-5dfaeb0face4ad17&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.thestar.com.my&fp=tech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Cybersecurity%2CSmartphones%2CiOS%2CTechnology&colc=1638771116472&jsl=8321&uvs=61ada9aa97d3d559000&skipb=1&callback=addthis.cbs.jsonp__92960231054460540
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
478474c1dae8dda2ab356c2ad6acc7dbf5dd8fc4f6d0ff749f30d02ebe2c828c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:56 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FA21
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B0AC
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Mon, 06 Dec 2021 06:11:56 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
widget_iframe.21f942bb866c2823339b839747a0c50c.html
platform.twitter.com/widgets/ Frame BA2B
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.thestar.com.my
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D22) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
290057
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Dec 2021 06:11:56 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Dec 2021 21:34:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (lcy/1D22)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
anchor
www.google.com/recaptcha/api2/ Frame 4D3A
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=y7mkqjsdmy37
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08fac54032735fe70e378a797b3136a392ee3634926ea4de66e6615ece695f03
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9GbwoK0+EeBm3+QtXUgYUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 06 Dec 2021 06:11:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-9GbwoK0+EeBm3+QtXUgYUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20262
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get
odb.outbrain.com/utils/
42 KB
16 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&idx=0&rand=18236&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=180&py=3930&vpd=2730&cw=820&activeTab=true&settings=true&recs=true&version=2000531&sig=5EJ3UsaV&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa1bf0a305255e52d5153e94fd298cbecc48453e99bda085672a4918639c3834

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.48
x-cache-hits
0, 0
x-traceid
8b4cbf36daac2dcd050f49638ef372f5
content-encoding
gzip
content-length
15362
x-served-by
cache-mdw17348-MDW, cache-hhn4057-HHN
x-timer
S1638771117.614360,VS0,VE301
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
7021.js
script.crazyegg.com/pages/scripts/0012/
5 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0012/7021.js?455214
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073871c472b0faf53307aa60ce6020d7f82a4a695d2caee068f606baa7951be8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
319379
cf-polished
origSize=4899
cf-ray
6b935c17286b59d7-MXP
ce-version
11.1.361
last-modified
Thu, 02 Dec 2021 13:28:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
truncated
/ Frame D11C
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7358b5fe7bd97a7191a07be7385c7943dc30f44bf27df724c0d556cae25fb53

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0B99
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a931addb76b88ba9180fc266b4656eea02090c1f642c4b3081c5c833775848e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1236917832489792&correlator=54848005885019&output=ldjh&impl=fifs&eid=31063377%2C31063756&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Tech%2CDesktop_TSOL_Tech_SP_Mid%2CDesktop_TSOL_Tech_SP_Mid_OSV&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C640x480&eri=1&cust_params=CxSegments%3D%26smg-keywords%3DCybersecurity%252CSmartphones%252CiOS%252CTechnology%26smg-gsentiment%3DNA%26smg-gsentiment-magnitude%3DNA%26smg-page%3D698637%26smg-category%3Dtech%252Ftech%2520news&cookie=ID%3D4b2b8571e11bbc64-22796dc645cc00a4%3AT%3D1638771116%3AS%3DALNI_MYSCTbLDZ-QvjR7PGBkIHTneKvKuQ&bc=31&abxe=1&lmt=1638771116&dt=1638771116547&dlt=1638771114484&idt=690&frm=20&biw=1600&bih=1200&oid=2&adxs=390&adys=1236&adks=1074547806&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=610x0&msz=610x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_PH8bLDJn5GNdkPg2aYyw12GQ86EF_SyisWs3G4E8ljjeSbc9l4-LRP1UFal1PsAqohMTkH_Ynd1Flnu8l9l3qLmKbV2DAWqh-rHazx8-KiA%2CAGkb-H9mnEPkQKVABl-tJUNAUqhWEVxJqcAsBJBNSC_oh0NGqqVmb2XYYv5VJqePAAFXyZwr9DpVSRipSwDOmfZ9rviQXRt7ye81iOj4KIX0exRe&ga_vid=960081315.1638771116&ga_sid=1638771116&ga_hid=664786571&ga_fc=false&fws=4&ohw=820&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fcb48567c9630e566e15ba74ac5d7ff9411b4969a87370335ebc3660aeb3ad17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8429
x-xss-protection
0
google-lineitem-id
5526331360
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138329226118
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
api.cxense.com/public/widget/
125 B
890 B
XHR
General
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22widgetId%22%3A%2254aaff126eb002491eaa07aecde1d51cee28be16%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22%22%7D%7D%2C%22prnd%22%3A%22kwua0b2g9hchdwt3khju%22%7D
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4ac09a266fc228ccfeda054bc051dba4c85b49194143bf231e618d0a3f977f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:56 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
125
expires
Mon, 26 Jul 1997 05:00:00 GMT
getUserEngagementConfigs
www.thestar.com.my/
178 B
1 KB
XHR
General
Full URL
https://www.thestar.com.my/getUserEngagementConfigs
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6bcc613069b43acb016f817d716e9df3a3ca6b4f93dbeec17c4729b708805207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
X-NewRelic-ID
VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 06 Dec 2021 06:11:56 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-newrelic-app-data
PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJgRdR2UXBBByX1AHA1RbVgwSIA1eBFEFSxoYAh1VCVEBUR9SSgYGWVFVFB4BSENbBlVWBAAIDlIAA1BXCVNbQBReVV5AAGQ=
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dev-smebizhub.starmediagroup.my
cache-control
no-cache, private
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id
4gBS-0Zf6pZKL3HtO5bJXNc7UpPO-U2MDOkLCBmdJFuW3NRD7xLEww==
jquery.jqplot.min.css
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/
3 KB
1 KB
Stylesheet
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/js/plugins/jquery.jqplot.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2eb3b837a4e3ecb73de5a872cdc5cf0516b47aa991519e92acebe6c178b23316

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 04:28:32 GMT
Date
Mon, 06 Dec 2021 06:11:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2017 08:04:32 GMT
Server
AmazonS3
x-amz-request-id
G9V3TECFCT7X3GQM
ETag
"ef129c8b8213aec2b24294b9dadf0a5f"
x-amz-version-id
cWifd0oQ7MIedMAfT87eVJq6aFVX7NfX
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
952
x-amz-id-2
AJN6A3FHyGob9+DvFEf6hV2BE7H41PaLdiu+Hb8ICw0r4xsgtk/UdvEuoPRjLB5JCSiI+H98c/0=
marketsummary.css
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/
261 B
758 B
Stylesheet
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/marketsummary/marketsummary.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
682dba44c5ce490546c57b50fd2946e1128db030c6500e12fe02f188d39f4ada

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 12 Jan 2015 06:29:41 GMT
Date
Mon, 06 Dec 2021 06:11:58 GMT
Last-Modified
Wed, 09 Aug 2017 08:11:49 GMT
Server
AmazonS3
x-amz-request-id
G9VEFGCWSS890V9G
ETag
"84d888e4f9d0ce8e130822125f07491e"
x-amz-version-id
chpdOUEQZJ.MyaqfUhMXC5GIx3GBEoNS
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
261
x-amz-id-2
bwrCwyOCCeCLB0XjTWFIHoJSKrk4XeGLcja/YKTFgyV2AUJIWRKkcKn+Z9fSMy8qTs/D6XP4a2M=
top15gainers.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/
3 KB
4 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15gainers.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6277bfdfd016fc40380bbccc4c0235c68a3308db77593fbfd9ede1736cb8f456

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:58 GMT
Last-Modified
Mon, 06 Dec 2021 05:07:43 GMT
Server
AmazonS3
x-amz-request-id
G9V45D088BW6SYB7
ETag
"d86e4fe6eb7fffe7403e21b7faf688b0"
x-amz-version-id
4Am3V47boUEO69tNU6yqWReAsS.62bBk
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Type
application/js
Content-Length
3524
x-amz-id-2
OaK0Jf4AHm2RxgoieyVp5Z+9BT30biIC7TQ0bSKozBoTKPybSkPDZkGm1CMHpjspAhxptpIbgEY=
top15losers.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/
3 KB
4 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/top15losers.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
002426618e1fdc3faa18dcf7a2ac38acbde5120e5b36d4c7d6e881bb81d89d16

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:58 GMT
Last-Modified
Mon, 06 Dec 2021 05:07:43 GMT
Server
AmazonS3
x-amz-request-id
G9V47NFKCF4H3VS6
ETag
"4733a76010daa63180ae0498a73bd1c3"
x-amz-version-id
90Wuuvm6Bas2M_nl6Y0dcgpXWA0jptwt
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Type
application/js
Content-Length
3557
x-amz-id-2
RVCSXRR4d9M/NHUaYqgc0/6iFWOycVIh2epRmr+xDnJg7P1OUgIBfeSLlwDHE8hgAR94F/Btdxw=
ressecdata.js
s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/
5 KB
5 KB
Script
General
Full URL
https://s3-ap-southeast-1.amazonaws.com/biz.thestar.com.my/layout/ressecdata.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.133.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d998e83d193b8718681967d5165c3abf8e0f17a0c79373857b0128c740414bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Tue, 28 Oct 2014 08:02:53 GMT
Date
Mon, 06 Dec 2021 06:11:58 GMT
Last-Modified
Wed, 09 Aug 2017 08:11:49 GMT
Server
AmazonS3
x-amz-request-id
G9V8C5MWSYD41YYA
ETag
"e4dbf47e731c34691e0aa212611bb6f4"
Content-Language
application/js
Cache-Control
max-age=604800
Content-Length
4626
Accept-Ranges
bytes
Content-Type
application/x-javascript
x-amz-version-id
h.vMYdWszAQQe_JyPCkE3IqIYSDmKQvp
x-amz-id-2
mnGmJ5iJe2Du306Wz01op4VSfhG1zvo9ZYBUWexlL213DwX9vutnd57Dv4E5hul6Bk/Twf0bEwY=
electronics.json
cdn.thestar.com.my/Components/iPrice/
2 KB
3 KB
XHR
General
Full URL
https://cdn.thestar.com.my/Components/iPrice/electronics.json?1638771116955
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e153152a3f654df7d36456a16f373b5994c53dbe923800f4cd0af6cd04643e55

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
PtA8Z2kJOPIUeBtB_HGiN5_Od1KMFSZe
via
1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
etag
"7c5ea3351544afc37d0654fb51a67cde"
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
access-control-max-age
3000
content-length
2166
last-modified
Thu, 02 Dec 2021 11:59:18 GMT
server
AmazonS3
date
Mon, 06 Dec 2021 06:11:58 GMT
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
.json
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ig6nvQtZcPaC8eP08HHeEjhxudK6VGdyIGQIcopKkDFMJwQt1lCPaQ==
Flyin.json
cdn.thestar.com.my/Components/Flyin/
719 B
1 KB
XHR
General
Full URL
https://cdn.thestar.com.my/Components/Flyin/Flyin.json?1638771116968
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e29d2f1a858534d9899baeb23a4f178e98bbd3e70481af59229dfe7d5c05f06e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
SusYX.3ZqXusHeVP2jxUX4IrgKgEzT.S
via
1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
etag
"1690d62ea6739c0320854367b9a90a07"
x-amz-cf-pop
FRA56-C2
x-amz-meta-cb-modifiedtime
Wed, 24 Nov 2021 20:01:43 G11T
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
content-length
719
last-modified
Wed, 24 Nov 2021 12:01:43 GMT
server
AmazonS3
date
Mon, 06 Dec 2021 06:11:58 GMT
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
5eEj18-Zkv3vrz1kP-WnY77suqOEhzpBOSpq-J8nBoT7jOk4soCpHg==
/
apis.adbro.me/api/v2/advertising/slot/1aabaafa-a583-4b14-9e96-9fa0261924ed/advertisement/
13 B
450 B
XHR
General
Full URL
https://apis.adbro.me/api/v2/advertising/slot/1aabaafa-a583-4b14-9e96-9fa0261924ed/advertisement/?pageUrl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&pageTitle=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees&imageUrl=https%3A%2F%2Fapicms.thestar.com.my%2Fuploads%2Fimages%2F2021%2F12%2F06%2F1394586.jpg&imageSize=610x406&pageTags=CYBERSECURITY&r=ri0hl
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-adbro-uid
51f11b87-2564-4ece-8d79-5161e1520e0f
date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-adbro-page
5527862748764192611
x-adbro-ip
IAEKyAAhACMC2gAAAAAAAQ==
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
access-control-expose-headers
X-ADBRO-uid,X-ADBRO-ip,X-ADBRO-page,X-ADBRO-assessor,X-ADBRO-preview
access-control-allow-credentials
true
cf-ray
6b935c195dba5a25-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
integrator.js
adservice.google.co.uk/adsid/ Frame D11C
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.thestar.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D11C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D11C
255 KB
25 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=155438545836067&correlator=2504883673528388&output=ldjh&impl=fif&eid=31062930&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=21927187246%2C358804_thestar_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D4b2b8571e11bbc64-22796dc645cc00a4%3AT%3D1638771116%3AS%3DALNI_MYSCTbLDZ-QvjR7PGBkIHTneKvKuQ&cdm=www.thestar.com.my&bc=31&abxe=1&lmt=1638771116&dt=1638771116997&dlt=1638771116191&idt=799&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=0&adys=191&adks=2034016349&ucis=lf0s2i6f0dm&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&top=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=1x0&ga_vid=1081955180.1638771117&ga_sid=1638771117&ga_hid=1374088403&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e311588888d321b6dc507dbaf7cbdd58fef865edf6ef9511a6cc27ca8ee59fcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25926
x-xss-protection
0
google-lineitem-id
5848899787
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373737852
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e66e4ff9650e16c05403fc85f0686c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB69
6 KB
3 KB
Document
General
Full URL
https://e66e4ff9650e16c05403fc85f0686c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 06 Dec 2021 06:11:57 GMT
expires
Tue, 06 Dec 2022 06:11:57 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sp1.html
cdn.cxense.com/ Frame 57E0
1 KB
888 B
Document
General
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a739cc97a54df824e12fc75392160360e56e55f623a445f99fa26108fa84e6fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

Accept-Ranges
bytes
Last-Modified
Mon, 29 Nov 2021 08:03:18 GMT
Server
AkamaiNetStorage
Content-Length
518
Cache-Control
max-age=864000
Expires
Thu, 16 Dec 2021 06:11:57 GMT
Date
Mon, 06 Dec 2021 06:11:57 GMT
Connection
keep-alive
Content-Type
text/html
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 190A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdmtJxoByFKVds-IzWxxE2Nxx0NS17UL32jUQzCdVTcVZpcUV0Kb1tD26j7n4G6Q59xQc_Nc6CmojhLcurNjSYgvZbd0lggAk8zj6w3L55RJJEdoD7-MrcD3yBt6l2uKIdIeW00tC7oG7TKO1UNKRMHWDALKIV8r0ySC13kWxccalObizuThUlulK9K36ohAzXE9wkg3S-jeoag3OU_xRPPzL2O04FtaGnBjJRqpcu4gU-Tn8l3Bs7D7MTw2Dv9qw3zNXo0fASGblq9TykYellEi3u6jJlaIVks7LUXVevYZxq1t73i8VKd5s9hcxeV6tTBJRpYLfUYeF2p74I-UUFO0KiCR3oSFC6I7ZbA1hQaTBc2GDqIG66NWniWLq0Syytk3sDj5GegHTaLIbzgNcYglJZZ0ipw6pwjESzGOPy&sig=Cg0ArKJSzAiqmOvKj5JMEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 190A
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 06:07:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 190A
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 06:01:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 190A
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:57 GMT
6260270550951027216
tpc.googlesyndication.com/simgad/ Frame 190A
47 KB
48 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6260270550951027216
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b58a38a6581a36e413eb512789da1b593c86970dd74c4607062604b18899e6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:24:13 GMT
x-content-type-options
nosniff
age
467264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48579
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 03:05:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 20:24:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2C61
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbGuOJqLD3Gac5HA7kQ821ARddEKw2bXH51xIY_JLJR95KpBHomy8KeYph7RDcGSaxMM-E36zxTOtNVXsgVA7lwI7iv-cSckcouSmgh7mreFaTxbR8Hr4U0EDnRFlgek4s1HB4R9h7nIHqySy9lj7PkUA5h5uLGl5o71by6SUnRyDyx5DmvQg2ufvhxALAXL5FhZMG4HMBlk-ooG6auYvJVcZASQDwyNiTYrS0vt6870KC2g9JighN8g_-E4WC59zlNFtzbWrRGGJfUUXX7fj2p4qbuecEln-2M6JQ1o4AAT9OYTBzwXUp4SsyoQgvgjQR-SM4FPZej8gQYIZ-Xl9VbibmScbvtwVrgSuZLng2MwzRWc5YMGOOhCEIjHWZdlxgCLs3YBCiPV43KcEW1ZZTrbzEiSRRprP6cwr1ti3K_9G53vNawu2uve1aZH4gpFIX&sig=Cg0ArKJSzP8p4UD0XJ1wEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C61
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:57 GMT
11118955825784156441
tpc.googlesyndication.com/simgad/ Frame 2C61
99 KB
99 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11118955825784156441?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21e36ae794cf514a7c6485939b9a4cfadee4583035f104952be19f6bde15b84a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 13:12:35 GMT
x-content-type-options
nosniff
age
147562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101442
x-xss-protection
0
last-modified
Mon, 13 Jul 2020 06:37:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Dec 2022 13:12:35 GMT
container.html
c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 51DD
6 KB
3 KB
Document
General
Full URL
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 06 Dec 2021 06:11:56 GMT
expires
Tue, 06 Dec 2022 06:11:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3A44
6 KB
3 KB
Document
General
Full URL
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 06 Dec 2021 06:11:56 GMT
expires
Tue, 06 Dec 2022 06:11:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAFE
6 KB
3 KB
Document
General
Full URL
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 06 Dec 2021 06:11:56 GMT
expires
Tue, 06 Dec 2022 06:11:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PoweredbySMG.png
cdn.thestar.com.my/Themes/img/
969 B
1 KB
Image
General
Full URL
https://cdn.thestar.com.my/Themes/img/PoweredbySMG.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1b1771d4d20dc6c84d8528e89c9bc735839e33083196c95cdc94fe6accb9cdc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
6D_linq7xzrHnQ6OvqY3z5jUwx0KJN0e
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
etag
"3c0f549d7db345b0b035ec2d7fa24807"
last-modified
Thu, 01 Oct 2020 02:15:06 GMT
server
AmazonS3
age
1499
x-amz-meta-cb-modifiedtime
Fri, 24 Jan 2020 03:30:24 GMT
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:52:04 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
969
x-amz-cf-id
LnJdqDFq-wNzgxBH_2NhKBC1Hb4wY9LMTjmyIt7FKaOIFT8_MoSTTQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 13EB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutermpZD78F4U0etoo0zy6b2e5PnK0A7tzyrMHqBZmzxT5anr2uBrBeax7OQa21Fy6ymZ0cVCEyd0C3ZRbZ2UukKh8SUZd71wQhZnX3bUEGdV_XfYqnt0AXex94PFRmyXWqnWrOK-t5KnU7JBOep28A0GYKIy59XbJxOc0KIn2XY3E0PT44vHNt0RE0tO9zp6ZsdejxNg0X6YJbSr2w4Rufn7Mvt3rXzdXN-kgmog4b9K67F1pgxCIWvQAJVaT3jvmj5oeV7deMXv9F4o1n6enhc5sBcU68c1mjYxL1nvRcA2mosEetSph1M8lUwzRKck1kGHLFTTMWI7cNPH5p1QdeU3kwLPBQzvCxVF6EMaUUypPnF0T5lQ9Wu2CJPFySjKtVO1_JVPlDp3ZK4QzTLpVdJPqGnKDOPIaZ9Ka-_ip78om8yUqq-x9QtX5Ru6xBw&sig=Cg0ArKJSzLFl7yAYjbYhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag
a.teads.tv/page/122213/ Frame 13EB
891 B
736 B
Script
General
Full URL
https://a.teads.tv/page/122213/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a91b6405fab5846141aeecc5bdb09ee073a1b5e696b6c7ae7cf5b92ade8b767

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
536
expires
Mon, 06 Dec 2021 07:11:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 13EB
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:57 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035691&ns__t=1638771117100&ns_c=UTF-8&cv=3.5&c8=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20T...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1638771117100&ns_c=UTF-8&cv=3.5&c8=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20...
0
223 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1638771117100&ns_c=UTF-8&cv=3.5&c8=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&c9=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Server
13.35.253.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-28.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
EsQsI97D7uoW3HqwPIaABYdx4NmJCO6wBjA12h6ucyTJhIe-0lNCGA==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 06 Dec 2021 06:11:57 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1638771117100&ns_c=UTF-8&cv=3.5&c8=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&c9=
content-length
378
x-amz-cf-id
6QTHfkPgBzFFCSXDXoU0noUEbb1c6nT5iVpy_0mFqAc3Dbd_GEvo9Q==
styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 4D3A
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=y7mkqjsdmy37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 03 Dec 2022 11:38:12 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 4D3A
343 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=y7mkqjsdmy37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 11:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137335
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 05 Dec 2022 11:31:32 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 78A6
118 KB
35 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1638771117.cds040.lo4.hn,1638771117.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 9445
118 KB
35 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1638771117.cds040.lo4.hn,1638771117.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame 4B02
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
289 B
Document
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.218.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-218-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-type
image/gif
content-length
43
content-encoding
none
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Mon, 06 Dec 2021 06:11:56 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=212998082.82339261619899167.58978
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=212998082.82339261619899167.58978
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=19cf3904-7da7-4e6a-9c07-027de25f2f9d
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316262&expires=5&ssp=vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19cf3904-7da7-4e6a-9c07-027de25f2f9d
43 B
367 B
Image
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19cf3904-7da7-4e6a-9c07-027de25f2f9d
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Server
3.122.218.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-218-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19cf3904-7da7-4e6a-9c07-027de25f2f9d
Date
Mon, 06 Dec 2021 06:11:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ve
stg.vidoomy.com/api/rtbserver/
9 B
90 B
Image
General
Full URL
https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=GB&category=&crid=11272&deal=&domain=vidoomy.com&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.189.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-length
9
vary
Origin
content-type
application/json
auto-user-sync
ads.stickyadstv.com/
43 B
619 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:57 GMT
Server
nginx
x-sticky-vk
1638771117125065-564
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
nnCoection
close
Expires
Mon, 06 Dec 2021 06:11:57 GMT
7021.json
script.crazyegg.com/pages/data-scripts/0012/ Frame 7924
10 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0012/7021.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?455214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884a358cb1a3cef55436d7c98ed0e0414cdc93e8333d32c09d3ac44c7f91840f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
cf-cache-status
HIT
age
319378
ce-version
11.1.361
content-length
1401
timing-allow-origin
*
last-modified
Thu, 02 Dec 2021 13:28:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6b935c1b3aeb59a7-MXP
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/
2 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
last-modified
Sun, 28 Nov 2021 09:31:35 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1638092492.635591"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Wed, 05 Jan 2022 06:11:57 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
last-modified
Sun, 28 Nov 2021 09:31:35 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1638092476.569147"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 05 Jan 2022 06:11:57 GMT
l
mcdp-chidc2.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=62ddb44907490da41c6f66b960c373e6_10247_1638771116853&tm=1059&eT=0&widgetWidth=820&widgetHeight=550&widgetX=180&widgetY=3658&wRV=2000531&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=667&oo=true&ab=0&wl=0
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.159 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
X-TraceId
292e388e14f116fa119bc718c00f1a65
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 06 Dec 2021 06:11:57 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
/
pebed.dm-event.net/
15 B
363 B
Fetch
General
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 06 Dec 2021 06:11:57 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
5f64733dfc2346192550c7a5
api.pxl.dailymotion.com/players/
917 B
1 KB
XHR
General
Full URL
https://api.pxl.dailymotion.com/players/5f64733dfc2346192550c7a5?fields=config
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
nginx/1.19.3 /
Resource Hash
d5a8345dde00a9eb9f22b649e16d08acf5bd4049693c71e8e2b491b9f1fbbf4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:57 GMT
Content-Encoding
gzip
Vary
Origin
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Length
411
X-Dm-Lb-Name
icscale-01-02
Expires
Mon, 06 Dec 2021 06:21:57 GMT
Last-Modified
Thu, 22 Oct 2020 04:32:42 GMT
Server
nginx/1.19.3
Access-Control-Max-Age
0
Access-Control-Allow-Methods
OPTIONS, PUT, POST, PATCH, GET, DELETE, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.thestar.com.my
Access-Control-Expose-Headers
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, X-HTTP-Method-Override, Content-Type, Accept
X-Proxy-Cache
HIT
bootstrap.min.css
cdn.thestar.com.my/Themes/css/ Frame B692
119 KB
20 KB
Stylesheet
General
Full URL
https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by
Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://sites.thestar.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding
gzip
etag
W/"67d856a36edacea9564bd92310f7d792"
last-modified
Thu, 01 Oct 2020 02:17:09 GMT
server
AmazonS3
age
2768
x-amz-meta-cb-modifiedtime
Thu, 12 Oct 2017 02:23:22 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 06 Dec 2021 05:26:21 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
rKa5zl3mZxIK-AT_tEsq6kUQCGjYAcVGQs4x8t3nXUiEvXswZYQdsA==
view
securepubads.g.doubleclick.net/pcs/ Frame 0B99
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4QTN43quqm_EgiW4dNEjBYS6a4PI_Z0jmvEtNXyJ2DRdGy1Q_FzDjHTIrShm5FxUg-1uZePGvo3QmfHLXM9WlzPPMCGf5au5HV1hCq4OuiFORuAka-mGcXwlJ9KckmIIQQ6AORwA7H3nZ1qcCR1JsNXPtzwmoXfxj0kUWOd1hHqpPDp8YiKgY-xTWJLw15oHKm_6acLP7ynjky9a52docfL2ojBtzQie1no6IAwBdnSIuT4lPRF2EFEtxZu0K3RPk8BHtxI8pG0Tfvvp0Au2MC5Q10OzZorwBYWSrsSF_PSsejLg9-WTEaRLpKqfAqDRk2nnY-g1NUzQciCm9i-VVbRYFvVjS-ZBK9VuecLoGDDnzCxKe0FcaIyaOkDboG0-iwkQNONjwL5wlXsijlLhssW-hT67el5AZhnpHgNqMkCXpiDA7vA&sai=AMfl-YTvJz0VeyFVf-9utiMOjz-qagIqFoHvTa25GKpx2ZINUkbExUNr2xci3eKSv7cE64joRjmYRTo7orO5q6UDFj8Xrv8pQ5dorn1i2Ljj_xOqQDllsRfdsrgongRY3OP6&sig=Cg0ArKJSzJexNOYlGzbUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:57 GMT
js
www.googletagmanager.com/gtag/
165 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f57fd156baf8033aae75575c0a2df76fe6205d94aeeee52582909771a22330f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62035
x-xss-protection
0
expires
Mon, 06 Dec 2021 06:11:57 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2214
date
Mon, 06 Dec 2021 05:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 07:35:03 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
1JZjbvCDd9FxjfPcMrvSSRtVhRe1j8m5gPUfuOFWzuJ0mBmrfZdmDWrwSBPY8ceVBfnc6gGchXjdI27tRbmxFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 06 Dec 2021 06:11:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
52a360d4000447a08efd7617080680a9.js.ubembed.com/
2 KB
2 KB
Script
General
Full URL
https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3d2a92b520f532afbea289fa59685ec9c1b87b86ca3b5b02ea19ab0b5d22bd1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
br
x-backend-region
eu_west_1
age
3065
etag
3d5e9bc6ac90efee4e88cc3d1c179593-v0.179.1
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
LHR62-C2
accept-ranges
none
x-amz-apigw-id
J6WULEC4DoEF5dg=
iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc
j93557g.com/v2/0/
103 KB
30 KB
Script
General
Full URL
https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1d37796367c1efe3a6e12b6a116633f26f975ba5373b0255fcb8a02d6c0f4b36
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"252c5a238a684b5375156d0ae70c5bfa20af13820ba68c40aec61104f0312622"
vary
Accept-Encoding, Accept-Language
x-hostname
a26589ac
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 06 Dec 2021 06:11:57 GMT
timing-allow-origin
*
dtm.js
dtm-drcn.platform.hicloud.com/download/web/
0
0

partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7
  • https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=6ab9acc7-565b-11ec-ac5a-19bfd3920506
0
589 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=6ab9acc7-565b-11ec-ac5a-19bfd3920506
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Mon, 06 Dec 2021 06:11:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
104
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Mon, 06 Dec 2021 06:11:57 GMT
Server
nginx
Location
/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=6ab9acc7-565b-11ec-ac5a-19bfd3920506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Content-Length
0
unifiedPixel
tr.outbrain.com/
43 B
256 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00a149fe9401c432f57edaa96ee66b065d,002ad79d5e17fa1cd48be0f2c87f711f6d&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&optOut=false&bust=0898120824040316
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:57 GMT
Cache-Control
no-cache
X-TraceId
a6826649a2d26bf8817c8e4020c3a8c3
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
eyJpdSI6ImRkZDk0OGRkZmQzYTFiOThjOGQ2M2M5NzBlY2IwMzE4MDlkNGExYzM5NzA3MjNiODVlOGUyZWFiZWJkNGFjY2YiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
9 KB
9 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRkZDk0OGRkZmQzYTFiOThjOGQ2M2M5NzBlY2IwMzE4MDlkNGExYzM5NzA3MjNiODVlOGUyZWFiZWJkNGFjY2YiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
022c0c3e793765c1cc44c0eb447d60003619b8c4c7f7fdb177d72388923d4c47

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=2191619
last-modified
Thu, 02 Dec 2021 15:52:20 GMT
x-traceid
b296a44fef43404121583dc3d279ed88
timing-allow-origin
*
content-length
8896
content-type
image/webp
eyJpdSI6ImQzZDY3ODRhZGU0ZTE1M2E4YjA0ODJhZTZjNjQ1NWFhNzc4NDc4NGIwNWIzMjkxMzhjMmVhZTY3MDA2MThjYjUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
11 KB
12 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQzZDY3ODRhZGU0ZTE1M2E4YjA0ODJhZTZjNjQ1NWFhNzc4NDc4NGIwNWIzMjkxMzhjMmVhZTY3MDA2MThjYjUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c9dae92462a144ca993bb391d5958d74dfaf4321604a5ebbe98f7c42aba5f6e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=2344927
last-modified
Wed, 24 Nov 2021 14:59:26 GMT
x-traceid
5bbe184f293f7bcd6beb18dc87f5fd50
timing-allow-origin
*
content-length
11598
content-type
image/webp
eyJpdSI6IjJlY2E4ZTAyNmUzMTg5N2FiNTQ1NzIyY2YyMTc0OGFlNTdhNGE0ZjE5YzRjYjI4NTkyNTNmNjRhODg4NzA3MTEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
50 KB
51 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJlY2E4ZTAyNmUzMTg5N2FiNTQ1NzIyY2YyMTc0OGFlNTdhNGE0ZjE5YzRjYjI4NTkyNTNmNjRhODg4NzA3MTEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
179dec9f7352b27e62103bc67176c10c2f03e62309004351bfb65b5315ddc758

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=1935469
last-modified
Tue, 16 Nov 2021 09:00:39 GMT
x-traceid
e12d1324e00539a58a491323eee12057
timing-allow-origin
*
content-length
51632
content-type
image/webp
eyJpdSI6ImVhMTJhN2YzMGI3ZDQxYmI0ODU2MTNhNDNiOTEyOTA5YWY3NmE3YjAzODZlZDUwOTA0Mzc2MzRhYjQwNzU2YWUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
46 KB
47 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVhMTJhN2YzMGI3ZDQxYmI0ODU2MTNhNDNiOTEyOTA5YWY3NmE3YjAzODZlZDUwOTA0Mzc2MzRhYjQwNzU2YWUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d797c71899cef8ef8d2a2063231a4cf9bc146dcd6922993355a726d34a1fa2f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=2455837
last-modified
Mon, 06 Dec 2021 00:36:35 GMT
x-traceid
e729252394f668805ed22c785adc11b0
timing-allow-origin
*
content-length
47590
content-type
image/webp
eyJpdSI6IjE3MGEzNGU4YTVlMzExYTJiOTE5N2I2NWM0YmQ3NTVmYmQ2OWNkMzI2MjZkMmYzNGM1NmJjNDIwYzdkOTcxZjAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
19 KB
20 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE3MGEzNGU4YTVlMzExYTJiOTE5N2I2NWM0YmQ3NTVmYmQ2OWNkMzI2MjZkMmYzNGM1NmJjNDIwYzdkOTcxZjAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7de3f1a983828e0c49ec9029ba50d9062f22dff8ad52f5aebf879c92f9b29647

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=1604692
last-modified
Tue, 09 Nov 2021 15:35:52 GMT
x-traceid
a87711879feaedbd7f89d8ec3b62b9b1
timing-allow-origin
*
content-length
19864
content-type
image/webp
eyJpdSI6ImE1OTM2NDc0NTdkYzUwMjVjYjgwZjdlMWRiMTgwYWQ0MjViMDkwZTVkZTAyNjhhZWQyNjc2MzczZmNkYmI4MjYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
27 KB
27 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE1OTM2NDc0NTdkYzUwMjVjYjgwZjdlMWRiMTgwYWQ0MjViMDkwZTVkZTAyNjhhZWQyNjc2MzczZmNkYmI4MjYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8597db7efbef8186fac76961e1cf228c399c2169cca2c1e80f4dc4ea032caf17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=983299
last-modified
Sat, 30 Jan 2021 06:38:35 GMT
x-traceid
b09b781ece435a0eb8abb3cbb5489738
timing-allow-origin
*
content-length
27744
content-type
image/webp
eyJpdSI6IjY0OTllZTI1Y2U3MGYxYzEyMWRkZDQ3NzllZGExNWVjZTUzMTkwNTVlMWMyMzNjZjE3ZDM1YWVjMDUzYzI3NWIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
20 KB
20 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY0OTllZTI1Y2U3MGYxYzEyMWRkZDQ3NzllZGExNWVjZTUzMTkwNTVlMWMyMzNjZjE3ZDM1YWVjMDUzYzI3NWIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da81719beea5ec55535a6fe6956bb5dae1e9ef72aeb4d73ed8569f42b2394d86

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=2433528
last-modified
Fri, 03 Dec 2021 23:55:40 GMT
x-traceid
7cebfb0e05d364c3c79a99f11dd18bcb
timing-allow-origin
*
content-length
20296
content-type
image/webp
eyJpdSI6ImQyNGM0MzVlMzljZmJkM2Y3YjdmMGE5NGU0YWMwZDQyNzZhZTlhOGViMjFmZjI4ZjZiYmU1ZDI2OGE4MjdmOTMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
74 KB
74 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQyNGM0MzVlMzljZmJkM2Y3YjdmMGE5NGU0YWMwZDQyNzZhZTlhOGViMjFmZjI4ZjZiYmU1ZDI2OGE4MjdmOTMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
50360fc5240c58c1d68b03464016bf506fafea5ea84fb30aab089146518286f1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
cache-control
max-age=2278808
last-modified
Fri, 03 Dec 2021 23:35:44 GMT
x-traceid
dff96e1d551a4e1ead5c28df249b1a21
timing-allow-origin
*
content-length
75586
content-type
image/webp
cx.js
cdn.cxense.com/ Frame 57E0
118 KB
28 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
61a9a4924579af06533a09ad0072612a6bcc4e69e54349a53fdb2d081cc8d81d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Dec 2021 15:30:08 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28194
Expires
Mon, 06 Dec 2021 07:11:57 GMT
truncated
/ Frame 2C61
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
129c8ac5179f898c419b8b4e1d90519b2a95a591b1d448fccc50a6671917334f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
segment
api.cxense.com/profile/user/
91 B
707 B
Script
General
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkwua0esvhk0df3h5&persisted=94bfbd14c0ccdc7d377a4f4c47640ed80e32d6aa&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kwua0d65tcvc6khu%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
bd4ed8bc0b9731c04413d3e004abf5c1241b0aa7504d792224fb55dcd95b7046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
91
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5EDA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw-DDPuB3RAZ0NNzQFJ2jeim-VOcQhqvcxTwG-ow9lHeB-x957d0EGqGO39FU_dq2h6ptYAdvLOF9vGob8TxoJcWMheLRN5CaaOSilduwRsgKT7x2h-PX0wQHYZAKd0O1JNppCyze_zdpZvxv8F8pgUw6yxvYYMy4r3ObQzp4ww7MCoc_yhMF-s48XamRvWLxI4Kb4EzZxt2ntFf20TpSSzf6o-vHxATdGMp11-Tsstrmc38EXVqVumX72JxIk3aL0DTxUGe7ue7K7efnZE2ZDzra6nDBZLMSJzc0mLvAANxm9vvyNkBC7vSe29B4hhc25VLxK3kw&sig=Cg0ArKJSzIpjvTvhU4LpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 5EDA
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Dec 2022 09:01:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5EDA
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 190A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc0IC39_bOdbUAHqgUR2FP2D2i_qJZvzKCrG8BpvTWD-Jfd8FeGZJEEZ4YbRX6PtJucFWzR1rpxPmy6AioFxCj48IGYyvYY4ZnQevO_g4wYD5XcxzOcb3BbTDcdmuSp7_KIyo2_lyc4PjcEPz7VcYbLCmiqAJY2-vL9ORCzl4JTyXGVVjv4j5_7hLxKowP3M1JClf-sFEgBHk2iSKReB2J53wKY_Hf1O7mzDsYAyk3ElCq-8qaLx1qH9VmV8jTY6xhr-ELKzAMnZISTgHHfIcOKN8k_9A3aQy0nKNsDqw-YhnGUhpHFEXACtj3fhREUzg38MSeyyM8euJcUufjHdqT1A1Lo_0wKGA_AxuGdVv4rPPVv24uJBEWQWmMTM21eVwhlV7VEJF81VoJ6tDZWq-DDQ5ubZVA9eWbZzr0H4D9Pc4&sig=Cg0ArKJSzOqt5m1qanmgEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:57 GMT
truncated
/ Frame 190A
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df98f0cab7afd177f7465137dfe7aa3297a4aa16a162f6bb0c78f86ebb142c78

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4D3A
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 07:03:19 GMT
x-content-type-options
nosniff
age
256118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 10 Dec 2021 07:03:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4D3A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=y7mkqjsdmy37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
479116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4D3A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=y7mkqjsdmy37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 14:17:54 GMT
x-content-type-options
nosniff
age
489243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 14:17:54 GMT
truncated
/ Frame 13EB
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d8ca5e5aebcd111d7a89f30cda69803f7a817c6d776998e9e568e36dccfaff1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2C61
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgFhbD9sP9NiLvFOknlmAsPQdwJSYEwhadpq46QmNvpdvHSuOfvTMVpH1fhgTaGg-35VAyDRgMtR4x8lPYn6CyNEuYjy-kHg3AS_JJtEjqAqxZYETy8a0mpXjHsFXzLAoX8mUQlIt4QlB9uDHfC1U975pyY8wnW5JcpkGOEE2ZHjTignmy__-sVQ_PoNHZzUb-R5S3w0hucVACqsp8JxAlLEKhFd82eLoMWuiYmDFhBS_4fwBsByq6QubldUD5gu_UrGBMdiDQpmIXVh4sdx9YAKBeb54MttnGKHfhCSuCF7Xqq9fz3Zxp3ZLex5OTwkgwOE-8-MCXr7POiKhGDo_Sd54dhgh1r5XmDABXIiWzJu6x33KYYzwxTkKFhwTQ7xLQ3-pYxxhG7tzeJzxqA6UzhJX-V6L7P5YHfMi7DsCfYIAt0-_-0i_ovTmk4_UA9P3pHGQ&sig=Cg0ArKJSzLpGDj2h7HWIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:57 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/ Frame 2846
181 KB
42 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf0196af5f52b9727e24ec78c83871e955d6819552ae1f7046004fd4abe8af6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Thu, 02 Dec 2021 17:02:21 GMT
expires
Fri, 02 Dec 2022 17:02:21 GMT
last-modified
Thu, 02 Dec 2021 15:34:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
42655
age
306576
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame EAFE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQqWwrKmtYfCHFZrQ3gPVoaX4AeL0-uFm2ubxipIOloLNhYgWEAEgpZeCbmC7vq6D0AqgAZOA6vECyAEJqQIQ5X9hLjS2PuACAKgDAaoE-gJP0MmaTy1qCBv-4g6WaFoWDd3WLKAvtIIi6kMzRG8J1A0p6rCgIiI8IRVVNpau_tP7DLItxy987HQx4qYiX1Kw9lWZJJR_V437PVHEilITs6j2u0XCEaxNlSsPg27U9qQJvUlGO9uVw1Y9FEi74vEt6o28SFhnZMCTsgC5OUepuQ3s5KUYVw9bLH3XFRgvvknoF4JepikenMi4tlnRwwgMcs4EFbv1U0lfZ8z1qotUWHayLwYEX8oWBaQF2oC06wT-jOWXKPJE3q4Do5jjHCQFBgDUejJcmspJik_vMu3UWxFn2_QioYZxHAVH3QuID43Z7uiYK3I4popLwtna49oQMBFkYJ_6l1B1ruwFk0uz1lKua5rk8qDujEQKonLvSo9V9Bxk58bSNRCJPWxTzfQyvfBEfU1lHO9GsGwzWhnrhQ9AcVzBowv5Yu69J9nG1-4k00nGFTflpzsGve3rhACrnST4CY_6Yes80zoLz-NjwmP6B9DdJb2mCvnABJOw17PeA-AEAZIFBAgEGAGSBQQIBRgEoAZrgAfV_5WOAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBRC56IEB0ggJCIDhgBAQARgdgAoDyAsB2BMOiBQG0BUBmBYBgBcBshceChwIABIUcHViLTgyOTI3MjgyODE2ODQyMTcYyftu&sigh=FXFKJxtFDQ4&uach_m=[UACH]&template_id=531
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

s
googleads.g.doubleclick.net/pagead/drt/ Frame 73E7
143 B
426 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 06 Dec 2021 05:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame EAFE
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 05:22:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAFE
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame EAFE
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 05:15:24 GMT
l
www.google.com/ads/measurement/ Frame EAFE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVjCBM3vrNhV3N1ocNyF3c4wx9-NiXtDaWZUFoQl5MaTYGz49B-nRjClp95PpqyQ2lf5vJaxhniz08LjS-6RdYVInMUg
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/ Frame FA20
180 KB
35 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5bca42bbea7300535975d6feb31b30bd92bdfddcf4c5fd87b73538690d48cb7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Wed, 01 Dec 2021 11:21:11 GMT
expires
Thu, 01 Dec 2022 11:21:11 GMT
last-modified
Fri, 22 Oct 2021 16:59:29 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
35557
age
413446
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 3A44
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg7PErKmtYeDtFKShrATE0buQCL7Ek4Fmg_yr7ucOv-EeEAEgpZeCbmC7vq6D0AqgAeTgm8oDyAEJqQIQ5X9hLjS2PuACAKgDAcgDAqoEiANP0KCwviKyIftG8ctXg566AQ_-RycqjrSqQv5bIZwtABru2Cz0eJxQt8RpYlD3E4BU6vQe7DWCCP5JylldMPV73g3P2l8LwYPaCqE7vLyqJndWy3iSbdv1POoalIA8zwWXSQCc4lDPwwTVNISrnNtAx9Ud1ftw8g_hfY3Wdj6LWLIxLDztwcVMezTxT8DEfiKwnnBEQ9BIYjkQhCG46WD65i6yKY-ANfmK62XBbGEynbhcAv-fjhN68XBaTfzk3uoQNg3X7swxYMrQoSth2kqU9b1aQwZzDA3-Pv152-6xMVC5ky9sB6ghK5b-7Qce1fVb5qdnOR7WOieI3ahpvn7estptJYmsLZYno3tNCl2PGdImrmm9YFma2gCKTgaOIGMQbsgbqCX6Y3DxdIxVPnIPjdSp8wpc0rRlmL4lE4eTB8nhkUuUl_VPrVCg5acbqwNL00ipFkOhXSDeFhZ4HPuvaG-cdMqxoqC7bcAb4iliybtb5Jc40kgOyB9z4vSh5W6OU1thE5TwAMAEv6bilNsD4AQBkgUECAQYAZIFBAgFGASgBl2AB4Sf5DWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCLi9QB0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQG0BUBgBcBshceChwIABIUcHViLTgyOTI3MjgyODE2ODQyMTcYyftu&sigh=LmLRXr8Ok2M&uach_m=[UACH]
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

s
googleads.g.doubleclick.net/pagead/drt/ Frame E341
143 B
198 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 06 Dec 2021 05:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 3A44
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 05:22:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A44
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 3A44
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 05:15:24 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/ Frame 3DD7
182 KB
35 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/index.html
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd23d0ba81ea18f0192736513f33bfeaa6aae13d847bf681b0633ac38d8b9d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Thu, 02 Dec 2021 01:40:57 GMT
expires
Fri, 02 Dec 2022 01:40:57 GMT
last-modified
Thu, 16 Sep 2021 15:04:50 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
35869
age
361860
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 51DD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cp9uBrKmtYevbC7-LjuwPwq2ZkAu-xJOBZu24i66-Dr_hHhABIKWXgm5gu76ug9AKoAHk4JvKA8gBCakCEOV_YS40tj7gAgCoAwHIAwKqBIUDT9Dp_u5W5Isu8p9BdBtxQjdopp17EJcGCfA08auCHS7PCP3CqoVHlByCb74YFU9l9OxYWK1I4NVD0uvuHV7tfrqPreNcwSOXWclhS4LfnF3kH0H4jDjLin8k5PiJZO499_o7-2FWNnSXQBeflisD-0J_p1Dkmxvdy-wrs1hjMP4i-cxLBTYFaSD7CuO6iImJwh-U6aNZAtF7-96uizaT_AerHl-V9n3voYLh9JHOS83kd9Fn-VIglyTlPJBROETOUneULenMftGeZv2hS0VBa19RcSH7z0uEQPqdkIvxAODBpWJdH_veLuOefwDbpeWODv4Oa3BUyBJmEWwiP5nkj3fN7nJyLrSHPI3lNK6v1U_3zL3wbbY83wdhqDRNEkyW6jel-xPlrdUP5HeBA0QMXRHrWnM-Sl2rN3WonrbG62ChLOeR1kQdq3SWnzmTOO1bxd6fTCTsr6tozXigvq8q86nhD2lM-la8Zkz16km2yieiDu_NGCUBNChmRUYS9Wu0XoDzGTbABL-m4pTbA-AEAZIFBAgEGAGSBQQIBRgEoAZdgAeEn-Q1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ_Ps60ggJCIDhgBAQARgdgAoDyAsB2BMNiBQC0BUBgBcBshceChwIABIUcHViLTgyOTI3MjgyODE2ODQyMTcYyftu&sigh=viV3r2OZMdk&uach_m=[UACH]
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

s
googleads.g.doubleclick.net/pagead/drt/ Frame 80C0
143 B
198 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 06 Dec 2021 05:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 51DD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 05:22:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51DD
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 06:11:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 51DD
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Dec 2021 05:15:24 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 2FD9
5 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1638771117.cds040.lo4.hn,1638771117.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 78A6
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=81697253&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5888670b50e62007a52bce7ce7feaf0f10f354b21656581fd23b3dc4b0093731

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1365
settings
syndication.twitter.com/ Frame BA2B
232 B
448 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=c41a2d2dd84031db18729012068cc54491c564a3
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.thestar.com.my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time
106
date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 06:11:57 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
3f47577dcd265b5095c28f6a7253dfd815be1698d528ae1a7d8f66584d47cd75
content-length
166
11.1.361.js
script.crazyegg.com/pages/versioned/common-scripts/
69 KB
22 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?455214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b01a61def7571cb496c04a29c430236325c6bcd29332a66b88b5511763c20e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Nov 2021 18:50:30 GMT
server
cloudflare
age
319482
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6b935c1c9f0259d7-MXP
content-length
22856
webworker.js
www.google.com/recaptcha/api2/ Frame 4D3A
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=y7mkqjsdmy37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoZ8IUAAAAAMEbQ30xLwuzgSD08tra8cwz6ggA&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb20ubXk6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=y7mkqjsdmy37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 06 Dec 2021 06:11:57 GMT
p1.js
p1cluster.cxense.com/ Frame 57E0
47 B
637 B
Script
General
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.165 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.80.202.116.clients.your-server.de
Software
Jetty(9.4.28.v20200408) /
Resource Hash
daa3b1da346a2871f023bc24cc54b9c66466766ed46e76dad18ccece9108a698

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
last-modified
Sun, 06 Jun 2021 06:11:57 GMT
server
Jetty(9.4.28.v20200408)
etag
2q2sgjbhobjnx2zhbo6tx228wv
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
47
expires
Tue, 06 Dec 2022 06:11:57 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 0024
5 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1638771117.cds040.lo4.hn,1638771117.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 9445
180 B
356 B
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1108035&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=6122311&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
dispatch
twa.netcoresmartech.com/
7 B
95 B
XHR
General
Full URL
https://twa.netcoresmartech.com/dispatch?user_key=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&customer_key=&uuid=f9bb9ce6-cca3-47ca-b943-7a3f5074d381&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&browser=chrome&sid=1638771117548&visit=new&pts=0&sts=0&url=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&tx=1638771117548&ptx=null&purl=null&npv=0&title=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&usertimings=1638771117553&web_activity=1
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.232.101.246 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-232-101-246.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 06:11:58 GMT
server
awselb/2.0
content-length
7
content-type
text/plain
ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js
cdndc.netcoresmartech.com/webactivity/
10 KB
1 KB
Script
General
Full URL
https://cdndc.netcoresmartech.com/webactivity/ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
280e4dbbd93e9e2bd2b293700d3590e2b492c7b805087665f20d9b0195713ec7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 09:24:19 GMT
server
AmazonS3
x-amz-request-id
GT6MVW1YVK5ZP4VR
etag
"e1896b4f2aae406c4b62624821160e52"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
server-timing
cdn-cache; desc=HIT, edge; dur=57
accept-ranges
bytes
content-length
952
x-amz-id-2
sFVK9cFOqIFfheGfJmVxSxbzikuAagEhwBlUQvmZUwgBpOOLCZlP1IahmHycenDvpDuJngp3Cak=
expires
Mon, 06 Dec 2021 06:11:57 GMT
shopify_purchase_client_mapping.json
cdnt.netcoresmartech.com/
387 B
762 B
XHR
General
Full URL
https://cdnt.netcoresmartech.com/shopify_purchase_client_mapping.json?
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af8a3016fff1c36a33b05503191bfeaed7bec54216d46c9eafec6d09ae9e1a42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
last-modified
Fri, 03 Dec 2021 14:24:16 GMT
server
AmazonS3
x-amz-request-id
STPC57JRBJCSAC94
etag
"42dcbf26a409b40ba6db341895ee7f34"
access-control-allow-methods
GET, POST, PUT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3353
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
387
x-amz-id-2
5pWQ97u4rG1wfrzZgqVCnd+RyvKbXMDU8WGunNPD6l3ZklsPVqnj55arrNl+bpQBS9orVsmgYEk=
expires
Mon, 06 Dec 2021 07:07:50 GMT
/
js.boxx.ai/js_init/
261 B
615 B
Script
General
Full URL
https://js.boxx.ai/js_init/?smartech=true&client_id=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&host=www.thestar.com.my&asset=1ea761fa10f93f18df46ddc3b4f7b01a
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:9:a948:8e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0cc774c9edcfacef32f5d7401c7e74d7e601de7e6a977a0a8d0b1667341cc62d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 08:51:23 GMT
content-encoding
gzip
vary
Cookie,Accept-Encoding
age
76834
x-cache
Hit from cloudfront
content-length
177
last-modified
Sun, 05 Dec 2021 08:51:23 GMT
server
nginx/1.18.0
x-frame-options
SAMEORIGIN
content-language
en
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control
public, must-revalidate, max-age=172800
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
5aqX-S0qcNM0cB0FO-nFinxwRgCLxJ83-mw_Cj6LLXgRJ4V9jLvlIw==
expires
Tue, 07 Dec 2021 08:51:23 GMT
user_exists
psegment.netcoresmartech.com/
175 B
286 B
Fetch
General
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=f9bb9ce6-cca3-47ca-b943-7a3f5074d381&s=true
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.235.123.107 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-235-123-107.ap-south-1.compute.amazonaws.com
Software
CRO SERVER /
Resource Hash
5dba87a8fb4f04053dbcd51b2869e96162fcb820cb58bd90377b07f759fa8e35

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 06:11:58 GMT
server
CRO SERVER
content-length
175
content-type
application/json
ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG_webp.js
cdndc.netcoresmartech.com/webp/
58 B
395 B
Script
General
Full URL
https://cdndc.netcoresmartech.com/webp/ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG_webp.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&rc=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ade6964320289bb8e3ff358f771feaa8c5802b61ede8685d8678e11c0eacbf5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
last-modified
Thu, 25 Feb 2021 10:35:05 GMT
server
AmazonS3
x-amz-request-id
GVVG846918TGF9CE
etag
"1d4003fd2edda3d62526374c76d3049d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604428
server-timing
cdn-cache; desc=HIT, edge; dur=49
accept-ranges
bytes
content-length
58
x-amz-id-2
Re+3Mh1MVwGrBYwn4w5QCd5430FlSFMdLOPvIi/TKqVMiahH5TXMqzPuXwhLhpsDV76lTB8oq90=
expires
Mon, 13 Dec 2021 06:05:45 GMT
df
twa.netcoresmartech.com/
57 B
149 B
XHR
General
Full URL
https://twa.netcoresmartech.com/df?user_key=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.232.101.246 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-232-101-246.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 06:11:58 GMT
server
awselb/2.0
content-length
57
content-type
application/json
2207123949525156
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2207123949525156?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
312c28970d8ec18847bf606ff754a2389d85cb08f62972c6296dd20600ffbef2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89280
x-xss-protection
0
pragma
public
x-fb-debug
smtj+I3f4sgT63+nUjsXUI+uO5wqOPWcKYBpOqr1RX765a5qdAYd2HUGXIBk8CimpsfvR6umfByjA6jE3KwgeQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 06 Dec 2021 06:11:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cxense_data.json
cdn.thestar.com.my/Content/Data/
47 KB
22 KB
XHR
General
Full URL
https://cdn.thestar.com.my/Content/Data/cxense_data.json
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b168d8ab3c74c1db0643f47177895b9f37dacf4410dead91356532edfba2d42

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
W4qkhwSXbAY5HbSmduuwrYiqLCJLlYXJ
content-encoding
gzip
etag
W/"fe4f73a9c1dc9842250222843079dc82"
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 06 Dec 2021 05:53:16 GMT
server
AmazonS3
date
Mon, 06 Dec 2021 06:11:59 GMT
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
via
1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
cache-control
max-age=180
x-amz-cf-id
KRr6bf5KT4Jd_imusuRJ14zTdBiLz0rmz4V0DsxxhxCkeWtK_U6WHw==
collect
analytics.google.com/g/
0
340 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=2oec10&_p=664786571&sr=1600x1200&_gaz=1&ul=en-us&cid=960081315.1638771116&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&dt=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&sid=1638771117&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
349 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HWDM68GV8&cid=960081315.1638771116&gtm=2oec10&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3HWDM68GV8&cid=960081315.1638771116&gtm=2oec10&aip=1&z=1899364588
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.1/
173 KB
47 KB
Script
General
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by
Host: 52a360d4000447a08efd7617080680a9.js.ubembed.com
URL: https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 16:54:54 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 19:19:04 GMT
server
AmazonS3
age
10761424
etag
W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
VWcTJOJCNjyHukcXfY-6dbGZGGWNxffe6dof-_tqwyh8G2vM-1JtMQ==
teads-format.min.js
s8t.teads.tv/media/format/v3/
602 KB
132 KB
Script
General
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/122213/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
510e6b176fac7f9500c599078eeed7cf9a0e11982f5df02e35e0a452e02a543f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
4X1CSNVQHAXR4RK5
content-length
134154
x-amz-id-2
v5J7uSQGmRdwBsJ1xmP07QP1AVdDIEUGiZTAyWiETQdT/VgILmVusMgbPQK2r1QMYHMElL/o6WA=
last-modified
Wed, 01 Dec 2021 14:15:44 GMT
etag
"0f5a10a3dedcbbaf710854a2c3f5c144"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
5
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 06 Dec 2021 06:41:57 GMT
js
www.google-analytics.com/gtm/
92 KB
35 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P83PVZM&cid=960081315.1638771116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dea196787ea84ef04b5c25df03426fa04436df5e14f8ef7f0a0231f3ef7cffe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36235
x-xss-protection
0
expires
Mon, 06 Dec 2021 06:11:57 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
482 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
age
10504643
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
w--wmXXNHctQ1w4TL4xxS7fStoP80ylBO_0D5ygRCC2exG5lKSpOaQ==
159.1c3fceccbc80f2a3615f.js
s7.addthis.com/static/
564 B
633 B
Script
General
Full URL
https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
"5ed917ff-234"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 06 Dec 2021 06:11:57 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
394
1250F5B9-A35A-4F2C-BE77-A3A627FDBCB9.jpg
cdn.thestar.com.my/Components/Flyin/Thumbnails/
152 KB
152 KB
Image
General
Full URL
https://cdn.thestar.com.my/Components/Flyin/Thumbnails/1250F5B9-A35A-4F2C-BE77-A3A627FDBCB9.jpg
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232f0a276bc994b2c495f3616b71816bfbf1f8da4c1e007e1e8e07246ef73621

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
WTp8dH2zn_3LzW4GftX885cn1Q3T1kna
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Wed, 24 Nov 2021 12:01:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"5f070d9174e6b0a642216ca2ea1c31c6"
x-cache
Hit from cloudfront
content-type
.jpg
date
Mon, 06 Dec 2021 06:11:57 GMT
accept-ranges
bytes
content-length
155526
x-amz-cf-id
pQVezsOrT7iia866GUzARi0OPF02tn29J-Hkc22DFir68YedixPCSg==
view
securepubads.g.doubleclick.net/pcs/ Frame 5EDA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUBIk4tJLrcJXO2eO5Vjm4AYGAGAYUjUaROx6crBntBYv5omOY_m7KaLo4Ur1kxET-LJzUK67CzgM8tVW1n43z0k5jzhPC8RnIUhJjdh321LWOXxQF8-ErFmXcB3KgF--JhTw1f10NVff4Ex4dEjW0hGtEXWWR5BrwwWgea3W8xybKFnTnmnVuKZgrAKq3IbqXEFsEGWlrEfv6EiNqD5i6QP4lOhjWt8g8gvs6-8XCzgHA3TeYaSreFS1hUpmM7i93Fy0R1D0RLCHNl72rtwvb0worZzfshWaabBIbHDrfjaLtan6MBMSTWymb8qEXVikhPywLOslSLw&sig=Cg0ArKJSzBf9Rc8SJge6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D11C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI774NxubtTLCd3LPeUDwWhwT-2GUS1A1EM74bNka2SX3L2VbCaRFZygqlvM3361F9c1lgDNXIdmhCq0ZI38PbdjgTrbS2z-w5kGgY6iyeAH6xbsQUTFsVK0Vvx7bl0McFZ-0eijDWbGJIKa5LiGTYOfdWgt0xhj-TNiRe4diH6bRngHdspGsZfYPb5ww1blWpJkh-ScpDk_F36fsshRP-Kfy3dul3BwIKiyR8Jv5CQY2CeO1KS0SJiGYxGi0IRU25glFFbacNvUdLPy1ErOoBR4L_Q3bUnmsk9sZy02vv3zlM6nP_3V5ip2UL7uJXj3wPFtie_BohSgIa3nVikaDnOzng0mloGMLydu-UqErlRZ1T3NuYWMLA&sai=AMfl-YSzWv1mg1BXjutRFtfCtdp2sbY4amL6TJbpwxx6s1mZWlCAlycTjG2hCpdYdI1ThT-HNtZpkM66d-7E2ZdEgYTqcVaEBIe8t5Fl9zqWLfrBfCIfkMTajp_v43-tcyAG&sig=Cg0ArKJSzNtiIyUmeCUfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D11C
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021113001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a483bd0d2cc78f9d8bb5ac4dc658f12cdbd17d7a60692bc7d9f2674f126e52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8533
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 13EB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcNWc_IjD3zRzVpieJtFH516b89l4pbAMk9TK-v8pqiu7cqO0Q2eE8KG0-AqoN3rNPvz9NYEm_GhKwzwoVrDGf4Hz2sNED7Km4px5-FgZXIKbGqx53-pnJQA6su5AHVJ7YzOxXIEOEEeklTwEnV--YmVqYhfnfVe-ecOQceinfjM9oANImndHILppq94w-drKr-O7rNEkF8EzK9Jq7Cw727KZYXm9srdsOuq2xfU7aJbk8BqUyzMPiOimMC-bQIPurdb2JoTjotbIrRufSz39C6_UIgGVSXcYx5i4zPbFX1ZuIINpFUPKFV_IMiWm7lpG7emYI_zeo0haHppjp-8gkaaw1nEnci7IyR6vyR1ztCfl-3ko2cnSESU-HCVLylPuk-Lzh0qC24upI_meAfcx8Tg9dK2KRYh1KmWjo6poGnNI3ig&sig=Cg0ArKJSzCo0ZI9tyZ2YEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 06:11:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 06 Dec 2021 06:11:57 GMT
css
fonts.googleapis.com/ Frame 2846
8 KB
704 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:44:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 06:11:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 06:11:57 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 57E0
43 B
468 B
Image
General
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=1.1.2&typ=pgv&rnd=kwua0b2g9hchdwt3khju&sid=1145278932220698298&loc=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&new=0&arf=0&ltm=1638771115098&ref=&tzo=0&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kwua0ekvmde7qsuz&ckp=kwua0d65tcvc6khu&glb=&wsz=1600x1200&amo=1638768652&cp_usergroup=anonymous&cp_ver=2.44&cp_testGroup=63&cp_loadDelay=2.2&cst=2q2sgjbhobjnx2zhbo6tx228wv
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.165 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.80.202.116.clients.your-server.de
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2846
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 23:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:28:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2846
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Dec 2021 16:13:39 GMT
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
t
t.lkqd.net/ Frame A6C9
0
167 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 04C2
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1638771117.cds040.lo4.hn,1638771117.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3DD7
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 23:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:28:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3DD7
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Dec 2021 16:13:39 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FA20
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 23:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:28:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FA20
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Dec 2021 16:13:39 GMT
7021.json
script.crazyegg.com/pages/sampling-data-scripts/0012/ Frame 7924
684 B
372 B
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0012/7021.json?t=455214
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc73e9340fd6f5f84d4c250700ce47b888d7b90058c3b27d3e7002bd1dc8d629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:57 GMT
content-encoding
gzip
cf-cache-status
HIT
age
269796
ce-version
11.1.361
content-length
277
timing-allow-origin
*
last-modified
Fri, 03 Dec 2021 03:15:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6b935c1f4fa559a7-MXP
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
t
t.lkqd.net/ Frame 91D8
0
0

id
id.cxense.com/public/user/
118 B
690 B
Script
General
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kwua0d65tcvc6khu%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222q2sgjbhobjnx2zhbo6tx228wv%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222q2sgjbhobjnx2zhbo6tx228wv%22%7D%5D%2C%22siteId%22%3A%221145278932220698298%22%2C%22location%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees%22%7D&callback=cXJsonpCBkwua0fb0lskw8d1i
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.165 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.80.202.116.clients.your-server.de
Software
Jetty(9.4.28.v20200408) /
Resource Hash
dddc8c4f028722a0b5b865fc87e649a45914bd724bb619165cd3838c6716b2d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
118
expires
Mon, 26 Jul 1997 05:00:00 GMT
1133176620062218
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1133176620062218?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28a1bd8dcec5534f8c6e060ae3f5599ca8183248356f4115a2b499a892b70cf5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89230
x-xss-protection
0
pragma
public
x-fb-debug
tYO3MjSFB2nvh2+aVOigwnNjpuoSc1FRNRuys1LZGGd46Uwblf3Yyqqaje0N8U3cmmI7TKI5eBI/Ty0Lgm+peg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 06 Dec 2021 06:11:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2207123949525156&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&rl=&if=false&ts=1638771117986&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1638771117985.69696707&it=1638771117574&coo=false&exp=p1&rqm=GET
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 06 Dec 2021 06:11:58 GMT
truncated
/ Frame EAFE
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9813aea4d8e474ca65b60cd225fcf0f3bda9684e570c2408626147a588e8a72b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=664786571&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&ul=en-us&de=UTF-8&dt=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=981819150&gjid=1646354051&cid=960081315.1638771116&tid=UA-828580-1&_gid=692849206.1638771118&_r=1&gtm=2wgc10PVM4TH&cg1=Article&cg2=Tech%2FTech%20News&cg3=NA&cd6=WEB&cd7=Article&cd11=Article&cd12=698637&cd13=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees&cd14=Tech%2FTech%20News&cd15=NA&cd16=NA&cd17=Metered&cd18=Cybersecurity%2CSmartphones%2CiOS%2CTechnology&cd19=English&cd20=2021-12-06&cd21=NA&cd22=ALAN%20SUDERMAN%2C%20ERIC%20TUCKER%20and%20FRANK%20BAJAK&cd23=Long&cd44=&cd45=false&cd50=0&cd54=NA&cd55=NA&cd56=NA&cd57=NA&cd58=NA&cd59=NA&cd60=NA&cm1=1&cd1=960081315.1638771116&z=1649859196
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2215
date
Mon, 06 Dec 2021 05:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 07:35:03 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=664786571&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&dp=%2F5527862748764192611&ul=en-us&de=UTF-8&dt=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=407058742&gjid=1640885352&cid=960081315.1638771116&tid=UA-127545387-2&_gid=692849206.1638771118&_r=1&_slc=1&cd1=IAEKyAAhACMC2gAAAAAAAQ%3D%3D&z=98179897
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 2FD9
0
0

cs
cs.lkqd.net/ Frame 2FD9
0
0

cs
cs.lkqd.net/ Frame 2FD9
0
0

cs
cs.lkqd.net/ Frame 2FD9
0
0

cs
cs.lkqd.net/ Frame 2FD9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8091528906864552486
0
0

truncated
/ Frame 3A44
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541a3dc0398db2cf2abef9f02a737882b36324a8123794996fc107979dda76ff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 51DD
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2ae70d091360f8470ee579f778492285d73d599c81bf557b3be2a226d9aef30

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
track
t.teads.tv/
23 B
113 B
Image
General
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=e8b80544-5c80-4ae8-b9c0-95b8f28e760b&pageId=122213&pid=132735&debug_metadata=EP8UC3m185&fv=923&ts=1638771118094&f=1&referer=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=e8b80544-5c80-4ae8-b9c0-95b8f28e760b&pageId=122213&pid=132735&slot=polymorph&fv=923&ts=1638771118100&f=1&referer=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/122213/
541 B
574 B
XHR
General
Full URL
https://a.teads.tv/page/122213/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&page=%7B%22id%22%3A122213%2C%22placements%22%3A%5B%7B%22id%22%3A132735%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A610%2C%22height%22%3A343%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=e8b80544-5c80-4ae8-b9c0-95b8f28e760b&formatVersion=923&env=js-web&netBw=9.3&ttfb=2512
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e04a9c8230795c2f887b54c7728a38b10802fd05c50ea4be23e9387fa696c876

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
365
expires
Mon, 06 Dec 2021 06:11:58 GMT
cs
cs.lkqd.net/ Frame 0024
0
0

cs
cs.lkqd.net/ Frame 0024
0
0

cs
cs.lkqd.net/ Frame 0024
0
0

cs
cs.lkqd.net/ Frame 0024
0
0

cs
cs.lkqd.net/ Frame 0024
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8307701688978336294
0
0

sodar2.js
tpc.googlesyndication.com/sodar/ Frame D11C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 06 Dec 2021 06:11:58 GMT
healthcheck
pagestates-tracking.crazyegg.com/ Frame 7924
19 B
419 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 06:41:36 GMT
via
1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
4750223
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
19
x-amz-cf-id
A6DlKIfCcwm5LR1n-5N9CYJRsF-5OAxmYVFgJfbbGsrnFicqDQx4eQ==
healthcheck
assets-tracking.crazyegg.com/ Frame 7924
19 B
418 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-27.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 06:41:36 GMT
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
4750223
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
SEJElNfewAKS2vBffwTEajzvMxWKdOmR9m9W23cVnRfeECRWtxYAMQ==
collect
stats.g.doubleclick.net/j/
7 B
28 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-828580-1&cid=960081315.1638771116&jid=981819150&gjid=1646354051&_gid=692849206.1638771118&_u=aCDAAEACQAAAAC~&z=1330790405
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 06 Dec 2021 06:11:58 GMT
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-127545387-2&cid=960081315.1638771116&jid=407058742&gjid=1640885352&_gid=692849206.1638771118&_u=aCDAAEADQAAAAC~&z=1096815473
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 06 Dec 2021 06:11:58 GMT
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
garador_roller_garage_door_and_cyclist.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/ Frame FA20
94 KB
94 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/garador_roller_garage_door_and_cyclist.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d88dd69a23a07246d2b9b8f53880e290c4ebfad3cd97fbf5fe20bb09e957637a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96261
x-xss-protection
0
last-modified
Fri, 22 Oct 2021 16:59:29 GMT
server
sffe
date
Wed, 01 Dec 2021 05:46:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Dec 2022 05:46:13 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 73E7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 06 Dec 2021 06:11:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 06 Dec 2021 06:11:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
80bb5fa0-9b37-48f3-a160-240dab0a107c
https://www.thestar.com.my/
53 B
0
Other
General
Full URL
blob:https://www.thestar.com.my/80bb5fa0-9b37-48f3-a160-240dab0a107c
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
53
Content-Type
text/javascript
si
googleads.g.doubleclick.net/pagead/drt/ Frame 80C0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 06 Dec 2021 06:11:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 06 Dec 2021 06:11:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E341
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 06 Dec 2021 06:11:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 06 Dec 2021 06:11:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.html
ad.lkqd.net/cookie-sync/ Frame 425D
5 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1638771118.cds040.lo4.hn,1638771118.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 04C2
76 KB
6 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=81697253&m=&rtv=1&thost=www.thestar.com.my
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a8a4b47fdb7fbbf9085c9b3db2716c83605cdda0c323406a61169a13c92b1b50

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5472
ad
v.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=81697253&m=&rtv=1&thost=www.thestar.com.my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:58 GMT
content-length
0
access-control-allow-origin
https://www.thestar.com.my
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 2846
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:52:02 GMT
x-content-type-options
nosniff
age
231596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 13:52:02 GMT
2102948126432240
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2102948126432240?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9cb5adefe61a0fa79740f02d47d47a561bb05a7b9b0a553b75aa8267d72c98f0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89282
x-xss-protection
0
pragma
public
x-fb-debug
YnvR4DdUrSIQrpXPujYwA6QYhb039siVhQhwYSWfoi9dyQMjapJN76/azT+qm+eLIdZBVYXnDwLKW9rqcwGXYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 06 Dec 2021 06:11:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1133176620062218&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&rl=&if=false&ts=1638771118252&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1638771117985.69696707&it=1638771117574&coo=false&exp=p1&rqm=GET
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 06 Dec 2021 06:11:58 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-828580-1&cid=960081315.1638771116&jid=981819150&_u=aCDAAEACQAAAAC~&z=1307462575
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-828580-1&cid=960081315.1638771116&jid=981819150&_u=aCDAAEACQAAAAC~&z=1307462575
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D11C
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 5EDA
0
0

apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
0NXY1NXTJ2D5RK0WKDAA
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Mon, 06 Dec 2021 06:11:58 GMT
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
LI5Id9hgwwO065MosCLoRvmFjrEasASlhY_e-3Z3r4VJrYVtY-OAWw==
DSC_8666_pszwo_0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/ Frame 3DD7
84 KB
84 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/261053816168775680/DSC_8666_pszwo_0.jpg
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36f309cfd8549fe7700b6ece8080ddb8a4b0c0a5e55fbe362cecf8b5b9a06ae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
467830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85739
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 15:04:50 GMT
server
sffe
date
Tue, 30 Nov 2021 20:14:48 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 20:14:48 GMT
698596.json
cdn.thestar.com.my/Content/Text/short-with-headline/
3 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698596.json?callback=jsonCallback698596&_=1638771114818
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
581d112a7789f6e30155b07829fa624e8b8c29297e498c2958465d554b5d8b58

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"4a9126a36aae40fa47c49fb76394d657"
x-cache
Miss from cloudfront
x-amz-version-id
w8PzUCISey_HsJqbosjVWBSAqKgLFx7Q
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
2917
x-amz-cf-id
YkSJKbLOJRZESFwFDPzQVbEelo3X-2gIcuN-tz-Ejm7lefwtg7oCfg==
clock
tracking.crazyegg.com/ Frame 7924
28 B
135 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1638771118312
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.212.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-212-247.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
52ece501443953c801a84e7db80916af9c1c73e6d43d53dd2b953751bc616a26

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
no-store
server
awselb/2.0
content-length
28
content-type
text/plain
cs
cs.lkqd.net/ Frame 425D
0
0

cs
cs.lkqd.net/ Frame 425D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8091528906864552486
0
0

Temple_Spa_Primary_Logo_-_black.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/ Frame 2846
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/Temple_Spa_Primary_Logo_-_black.png
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcdfa01a53f484ed40c2fc1d5546d3c18d1df010a18a615c39723b05dfaf2d82
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
306574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26903
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:34:55 GMT
server
sffe
date
Thu, 02 Dec 2021 17:02:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Dec 2022 17:02:24 GMT
21.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/ Frame 2846
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/21.png
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d11d3640cd3e096fb70ff1e58656656ad6b6bbfd6d69f8309f17dfaaa344fe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
306574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2176
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:34:55 GMT
server
sffe
date
Thu, 02 Dec 2021 17:02:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Dec 2022 17:02:24 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 2846
19 KB
20 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSTCmmLBVA59tlrV9CRgjyCXfrafAd9iCJlB_rTQF2IVittvFjdX26kjlkj4A&usqp=CAI
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2a686f9e08cac48f0d588ff921ec19abe4f1cd9c78ff277c78fb39a3acb0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:24:51 GMT
x-content-type-options
nosniff
age
283627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19509
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 23:40:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 02 Dec 2022 23:24:51 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 2846
10 KB
10 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT4kGFfve6n4WOiMhm7Uw7tr3vqLteVgJq8Z3DeONIBxp2W9VYOjf1a4sRx0Q&usqp=CAI
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93afa92de30a5d84cd576634093d2a031e4fce3abe47d2114f061b779bdf12cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 18:48:59 GMT
x-content-type-options
nosniff
age
40979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9729
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 13:40:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 05 Dec 2022 18:48:59 GMT
MKS-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/ Frame 2846
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/MKS-2.jpg
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e163f1565c5ee237a76d40f0fc202d38a7042bb1f5d05ce980e202c225e3b1f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
306574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26720
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:34:55 GMT
server
sffe
date
Thu, 02 Dec 2021 17:02:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Dec 2022 17:02:24 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2102948126432240&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&rl=&if=false&ts=1638771118323&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1638771117985.69696707&it=1638771117574&coo=false&exp=p1&rqm=GET
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 06 Dec 2021 06:11:58 GMT
garador_roller_garage_door_and_cyclist.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/ Frame FA20
94 KB
94 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8041232346273284096/garador_roller_garage_door_and_cyclist.jpg
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d88dd69a23a07246d2b9b8f53880e290c4ebfad3cd97fbf5fe20bb09e957637a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96261
x-xss-protection
0
last-modified
Fri, 22 Oct 2021 16:59:29 GMT
server
sffe
date
Wed, 01 Dec 2021 05:46:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Dec 2022 05:46:13 GMT
truncated
/ Frame 2846
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
Temple_Spa_Primary_Logo_-_black.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/ Frame 2846
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7762759255349788672/Temple_Spa_Primary_Logo_-_black.png
Requested by
Host: c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com
URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcdfa01a53f484ed40c2fc1d5546d3c18d1df010a18a615c39723b05dfaf2d82
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
306574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26903
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:34:55 GMT
server
sffe
date
Thu, 02 Dec 2021 17:02:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Dec 2022 17:02:24 GMT
t
t.lkqd.net/ Frame 38DC
0
166 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:11:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
config
c.amazon-adsystem.com/cdn/prod/
0
305 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thestar.com.my&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:58 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
OxPH9kaDLD2CGfHyPeEtwRmC2LCl-4O7HSgI5r6udHXht30DDtbgNg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
78275
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Sun, 05 Dec 2021 08:27:53 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
AXRh535PBITqavDiDAbnN0cjclXlihqie99tUGUZMbXdmhLsaAhtpg==
shopping
encrypted-tbn3.gstatic.com/ Frame 2846
10 KB
10 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT4kGFfve6n4WOiMhm7Uw7tr3vqLteVgJq8Z3DeONIBxp2W9VYOjf1a4sRx0Q&usqp=CAI
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93afa92de30a5d84cd576634093d2a031e4fce3abe47d2114f061b779bdf12cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 18:48:59 GMT
x-content-type-options
nosniff
age
40979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9729
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 13:40:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 05 Dec 2022 18:48:59 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 2846
19 KB
19 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSTCmmLBVA59tlrV9CRgjyCXfrafAd9iCJlB_rTQF2IVittvFjdX26kjlkj4A&usqp=CAI
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2a686f9e08cac48f0d588ff921ec19abe4f1cd9c78ff277c78fb39a3acb0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:24:51 GMT
x-content-type-options
nosniff
age
283627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19509
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 23:40:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 02 Dec 2022 23:24:51 GMT
/
www.facebook.com/tr/ Frame F6C8
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.thestar.com.my
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 06 Dec 2021 06:11:58 GMT
/
www.facebook.com/tr/ Frame B824
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.thestar.com.my
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 06 Dec 2021 06:11:58 GMT
query
global.cloud.netacuity.com/webservice/
573 B
444 B
XHR
General
Full URL
https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.172.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-172-98.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
0978bb7b7c480487d82fd4404aa23e735b3be91bca39ad2534678d56a2a02278

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 06:11:58 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length
264
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
/
www.facebook.com/tr/ Frame E478
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.thestar.com.my
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees

Response headers

content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 06 Dec 2021 06:11:58 GMT
a.js
p.adlooxtracking.com/gpt/
8 KB
8 KB
Script
General
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:30:16 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Sun, 11 Jul 2021 15:29:14 GMT
server
nginx
age
2503
etag
"91f36cb612bb5287d05f3c7044927cbe"
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
alt-svc
clear
content-length
8068
prebid-custom.js
rtbpass-us.andbeyond.media/
497 KB
155 KB
Script
General
Full URL
https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
ba8e120de9f4324345f8191286351644cfa2c7456af38600865582dbc5ee7ce7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 06:11:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 05:49:49 GMT
Server
AmazonS3
x-amz-request-id
0HXXJGJFJ51KMBNJ
ETag
"c5823f176022bb33b65608cb49556638"
X-HW
1638771118.dop040.lo4.t,1638771119.cds077.lo4.shn,1638771119.cds077.lo4.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31316589
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
158382
x-amz-id-2
Z6Gyyhv6aLubLckZc8upW8apbwY0BMzHLtyej05tKCXRiZsViSqVjvObz/YHVc8STzWi/dqx3Jc=
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A44
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0x2xvH4nZq30BSwIalbWEfr3gB92R-RhYyOCXZqoxAhTtXydxSpeWpvmj0-BzklE9DglNNq9sBPR5nK4CSiUmTJmfdLwMEOMcWKY6ePMV9ZjxzHRkxQ&sai=AMfl-YStU5ueqoxFU53Jlx6iqEI8MvIcTWQOrauyzEvoiISGyLb2l0k5_jc1SWau0UPdJSbqEACWkF6_17SmdIc9-DcjemswjCSt19jQAJGMK28_qnodaAF0ba2A2CM&sig=Cg0ArKJSzH_xwPxWJRhsEAE&cid=CAASF-RosmLHEhtGdvE1mKrjIo3l3H1-gzaA&id=lidar2&mcvt=1000&p=167,315,257,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=383088598&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638771117075&rpt=833&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EAFE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSTT-iABJnIHxFSV_14_dMwo8imQTrFoPaBGFQtj6eLjXey-mfqKU2PKkGT0txyUPaQEkfpcN7NB1l2LsyUVuh721JvQ_SEpkcfNHyRtsyCAevJkm_zg&sai=AMfl-YT0eS1yIDTridxTI88TyYJWbq16w_iGYmOPVBOEirSHzaLwIf-uRdTIDiXZNERlpDbHfRXju7A37Y_3KiRjE9rgeZi4_NL95FevnCRNnh4D9_fkHGafjMpGOeI&sig=Cg0ArKJSzJHVJNaHOu9fEAE&cid=CAASF-Rokcm67OSh0sMWpO6jjDBJkNKL7FUT&id=lidar2&mcvt=1001&p=346,1070,596,1370&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3194759617&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638771117081&rpt=806&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
698596_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
80 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698596_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
t.g4vbazGdYbhRULVUA92hkbNRislxSZ
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"c1ccc51bfc1531915a83b3672697ea4b"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-497023/497024
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:11:59 GMT
accept-ranges
bytes
Content-Length
497024
x-amz-cf-id
OSdifrVXCIeiG2UMdPq_9sKYO1cvmfj9acsrJxauvf6PG8ukepLHqg==
698596.json
cdn.thestar.com.my/Content/Text/short-with-headline/
3 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698596.json?callback=jsonCallback698596&_=1638771114819
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
581d112a7789f6e30155b07829fa624e8b8c29297e498c2958465d554b5d8b58

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"4a9126a36aae40fa47c49fb76394d657"
x-cache
Miss from cloudfront
x-amz-version-id
w8PzUCISey_HsJqbosjVWBSAqKgLFx7Q
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
2917
x-amz-cf-id
sJ8Gt3AEVcKs3Rw-O2BhD2N-K43GJdvprBPI1rFiFAo-ifjYMhb7kQ==
tag
4cywq-eqnre.ads.tremorhub.com/ad/ Frame 0B99
119 B
467 B
XHR
General
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C327677383196164777228068321%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7919:d06d:12c8:6304 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
tag
4cywq-eqnre.ads.tremorhub.com/ad/ Frame 0B99
119 B
468 B
XHR
General
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C3276773831961647771594897272%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7919:d06d:12c8:6304 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0B99
67 B
723 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C913096364327677383196164777%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:11:59 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1638771118970059-374
Expires
Mon, 06 Dec 2021 06:11:59 GMT
/
adx.adform.net/adx/ Frame 0B99
65 B
650 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ Frame 0B99
249 B
548 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=242523735&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.249.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-249-59.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ Frame 0B99
65 B
531 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.thestar.com.my%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:11:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.thestar.com.my
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ Frame 0B99
249 B
548 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1537583188&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.249.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-249-59.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ Frame 0B99
249 B
548 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=70586564&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.249.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-249-59.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
wrapper.html
wrappers.geoedge.be/
3 KB
3 KB
XHR
General
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
age
34593
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
date
Sun, 05 Dec 2021 20:35:27 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
3121
x-amz-cf-id
2NVLfZmbWa5Q3ZETd-DoMuQi8OBHV1zwC1Tgek5UT1vMiPf1NK376Q==
grumi.js
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/
221 KB
72 KB
Script
General
Full URL
https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfc8e66d6cecef50b7312090571d02df1e5cecfe834cd9328f4d98beb9c6a653

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:00:21 GMT
content-encoding
br
last-modified
Mon, 06 Dec 2021 05:55:31 GMT
server
AmazonS3
age
699
etag
W/"488a170d0812cf67077b4e130a5f5679"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
w1ujg3qYXFVpQ0J7_gshh0sh3NECBa2o
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA56-C1
content-type
text/javascript
x-amz-cf-id
bRk6yRS8VyjrnVD72RZp-uWP9HRShj-j9CT1mC-nf21MQtelrZxPKg==
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:59 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
t
t.lkqd.net/ Frame 38DC
0
166 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_25214542.js
vpaid.springserve.com/production/ Frame 4030
495 KB
87 KB
Script
General
Full URL
https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 18:31:49 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 18:30:16 GMT
server
AmazonS3
age
1424411
etag
W/"185feb14359001049d144410afbeaaa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
QIMj3KKeFQV3hxCycGh95IzVHmuIfMBocO1XF8cp10NjskLqW3XYgA==
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
698596_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
32 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698596_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
t.g4vbazGdYbhRULVUA92hkbNRislxSZ
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"c1ccc51bfc1531915a83b3672697ea4b"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-497023/497024
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:11:59 GMT
accept-ranges
bytes
Content-Length
497024
x-amz-cf-id
npXb8KZXs_bgeziuGHZ0OXuqRpG23FORQ9NACaZRmYrnWN8fgMYsjg==
t
t.lkqd.net/ Frame 38DC
0
166 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:59 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
698593.json
cdn.thestar.com.my/Content/Text/short-with-headline/
2 KB
3 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698593.json?callback=jsonCallback698593&_=1638771114820
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78f762df6a12431120bc192dd5e8918aa1f9e025602f1819101663df62e17313

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"639b77400b8cdfbe77fa03738cbbe2fb"
x-cache
Miss from cloudfront
x-amz-version-id
oBXYyekdlh3rafUq5aV23U21uhAdSlla
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
2332
x-amz-cf-id
j8jaSnnrlkMIKUAL2osHRzU8VgKRjfvXgV_J0GFM6Pt3RJV4gkGilQ==
698596_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
44 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698596_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=65536-

Response headers

x-amz-version-id
t.g4vbazGdYbhRULVUA92hkbNRislxSZ
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:27 GMT
server
AmazonS3
age
14
etag
"c1ccc51bfc1531915a83b3672697ea4b"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 65536-497023/497024
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:11:46 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
Content-Length
431488
x-amz-cf-id
MsjWnhvVsSGh5ABRyW1RP1Rd_JJEXuVw3aGz4EB79sR84U5jq59Edg==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4030
961 B
849 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
209523352731baeb2c1dc15e5e7a6cbb36b3a502a06f6c65f7a92d3fa77644e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Mon, 06 Dec 2021 06:12:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 4030
0
219 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.249.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-249-59.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 4030
165 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
50ddda48f6ff21a6c82903cabdda3e19adffcb734dc7c352d26234daa4470139
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:12:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1cdc44d2-a20e-46de-964e-3dcec5f57396
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/57304/ Frame 4030
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2YzVjYjQ1OC01NjViLTExZWMtODRkMi0wNjM0YmQ3Mjg2YWE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFogK7CbAo308WSYV7zreDE&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFogK7CbAo308WSYV7zreDE&google_cver=1&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFogK7CbAo308WSYV7zreDE&google_cver=1&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFogK7CbAo308WSYV7zreDE&google_cver=1&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
date
Mon, 06 Dec 2021 06:12:00 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55986/ Frame 4030
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=Ya2psAAJ8VHN5gBG&_origin=0&gdpr=0&gdpr_consent=&_test=Ya2psAAJ8VHN5gBG
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=Ya2psAAJ8VHN5gBG&_origin=0&gdpr=0&gdpr_consent=&_test=Ya2psAAJ8VHN5gBG&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
0
134 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=Ya2psAAJ8VHN5gBG&_origin=0&gdpr=0&gdpr_consent=&_test=Ya2psAAJ8VHN5gBG&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=Ya2psAAJ8VHN5gBG&_origin=0&gdpr=0&gdpr_consent=&_test=Ya2psAAJ8VHN5gBG&apid=UP6c5cb458-565b-11ec-84d2-0634bd7286aa
date
Mon, 06 Dec 2021 06:12:00 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 4030
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e285ef8b-5e81-4a7f-870d-b84e8a25eed6&_origin=1&gdpr=1&gdpr_consent=
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=e285ef8b-5e81-4a7f-870d-b84e8a25eed6&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=e285ef8b-5e81-4a7f-870d-b84e8a25eed6&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame BADA
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6BF9
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=81678
expires
Tue, 07 Dec 2021 04:53:18 GMT
date
Mon, 06 Dec 2021 06:12:00 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame BADA
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81678
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Tue, 07 Dec 2021 04:53:18 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6BF9
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9791284&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6048ecd86ef752631fa45c1f33db4a6c6eac3689774b436266d9a433e7604050

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame F756
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 06 Dec 2021 06:12:00 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0491
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=840177843997574231
42 B
209 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=840177843997574231
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:59 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug001:0:421
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=840177843997574231
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame A043
43 B
334 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 06 Dec 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
564273
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6BF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6nkI3F3OQWSQ4uDkX41vHg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=162705
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 08 Dec 2021 03:23:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b79461ad-a9b0-4300-aab3-5ca03af527c9
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b79461ad-a9b0-4300-aab3-5ca03af527c9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 06 Dec 2021 06:12:00 GMT
Server
MT3 4133 baa842e master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b79461ad-a9b0-4300-aab3-5ca03af527c9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 06 Dec 2021 06:11:59 GMT
/
pixel.onaudience.com/ Frame 6BF9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4c9710421393ae29e44292a43225ce3d
35 B
247 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4c9710421393ae29e44292a43225ce3d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-1.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 06 Dec 2021 06:12:00 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4c9710421393ae29e44292a43225ce3d
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE3OTA4REMtNURDRS00MTY0LTkwRTItRTBFNDVGOEQ2RjFF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:2241
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnYXlLffKYajWQVTldrXSc&google_cver=1
42 B
283 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnYXlLffKYajWQVTldrXSc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:841
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnYXlLffKYajWQVTldrXSc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 6BF9
43 B
616 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 05 Dec 2021 06:12:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4bb461ad-a9b0-4000-bc07-3ef084bfca61&gdpr=0&gdpr_consent=
42 B
495 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4bb461ad-a9b0-4000-bc07-3ef084bfca61&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:363
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 06 Dec 2021 06:12:00 GMT
Server
MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4bb461ad-a9b0-4000-bc07-3ef084bfca61&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 06 Dec 2021 06:11:59 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6172238121245427292
42 B
390 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6172238121245427292
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 04:29:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0022:0:402
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6172238121245427292
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e285ef8b-5e81-4a7f-870d-b84e8a25eed6
42 B
602 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e285ef8b-5e81-4a7f-870d-b84e8a25eed6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:374
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e285ef8b-5e81-4a7f-870d-b84e8a25eed6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730653417264827476&gdpr=0&gdpr_consent=
42 B
520 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730653417264827476&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:311
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:12:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
58ff0aa1-33e6-4e03-9f28-b7314a4bc43d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730653417264827476&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6BF9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7mfPC7lvzF_1b5kM7zSDV7xvnVb1NJZYuW-3mTQE
42 B
314 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7mfPC7lvzF_1b5kM7zSDV7xvnVb1NJZYuW-3mTQE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:266
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7mfPC7lvzF_1b5kM7zSDV7xvnVb1NJZYuW-3mTQE
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
698593_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
70 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698593_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
4vD0ws.OP5zQVlhlJsTPpSAgn0yjA.Kn
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"4747394d2dc87f4558a8040102994415"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-330463/330464
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:12:00 GMT
accept-ranges
bytes
Content-Length
330464
x-amz-cf-id
GUOU3n5Q3GblFqpwkaDSe9hN2c2lPV8GFjfsM2pbLgbFS5OscTC_KQ==
698592.json
cdn.thestar.com.my/Content/Text/short-with-headline/
2 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698592.json?callback=jsonCallback698592&_=1638771114821
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
505229b34a2c40ebb0a5ea16c9ffa4fe2f2fcd693404f886de2ed6b9415bc2b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:02 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"a34e2d4bc87ea8985d4f873a4f6d48f9"
x-cache
Miss from cloudfront
x-amz-version-id
T87qoOyqatUwIH7FQaHjAcfD41XDkSlZ
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
2038
x-amz-cf-id
6Qkr7kvdEY0sxfpN9-k-AV2z4BS0Yj_H7MdePakeN_jEphLCETE3Lg==
AdServerServlet
vid.pubmatic.com/AdServer/ Frame BADA
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,&us_privacy=&cb=1638771120289&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.thestar.com.my%252Ftech%252Ftech-news%252F2021%252F12%252F06%252Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.thestar.com.my%252Ftech%252Ftech-news%252F2021%252F12%252F06%252Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-6%206:12:0&ranreq=0.8261064565806846&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4030
961 B
849 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8b8ac00d726753ee65f6a7f48408ee7e49fca76c9bb11d658812f48118ad36cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:01 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Mon, 06 Dec 2021 06:12:01 GMT
track
aktrack.pubmatic.com/ Frame 4030
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1638771120&wa=0&e=96&ier=901
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame A8F1
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6156
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=81677
expires
Tue, 07 Dec 2021 04:53:18 GMT
date
Mon, 06 Dec 2021 06:12:01 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A8F1
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81677
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Tue, 07 Dec 2021 04:53:18 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6156
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34303418&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ce4ae615871ef962013f4065b9b0986132dd32cf09034120278d7b02007b113f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1934
content-type
text/html; charset=UTF-8
698592_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
68 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698592_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
J7t7TbV_qsI9FpW1Wd.9bnuMYimdySqJ
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"75c2a5f727712964ed24ffd939e1778d"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-198175/198176
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:12:01 GMT
accept-ranges
bytes
Content-Length
198176
x-amz-cf-id
IWPT_jr7mGIQQANR8eNbfvEKrQaKAu6oz_Oxef5T6byqkXu0C7oGrQ==
Pug
simage2.pubmatic.com/AdServer/ Frame 4241
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038468370331793563
42 B
366 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038468370331793563
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:01 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug014:0:297
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 06 Dec 2021 06:12:01 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038468370331793563
Pug
simage2.pubmatic.com/AdServer/ Frame 1FE2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya2psAAJ8VHN5gBG&gdpr=0&gdpr_consent=
1 B
253 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya2psAAJ8VHN5gBG&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:11:59 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug012:0:403
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya2psAAJ8VHN5gBG&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Mon, 06 Dec 2021 06:12:01 GMT
via
1.1 varnish
x-served-by
cache-lcy19254-LCY
x-cache
HIT
x-cache-hits
0
x-timer
S1638771121.276888,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 4366
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFmZ2FVN0RXMU1BQUItdjZEQ1BMUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.6.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Mon, 06 Dec 2021 06:12:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Mon, 06 Dec 2021 06:12:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 5BD5
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=33672461
  • https://sync.1rx.io/usersync/tradedesk/e285ef8b-5e81-4a7f-870d-b84e8a25eed6
  • https://sync.targeting.unrulymedia.com/csync/RX-0e81ab6f-b500-4832-a367-d889d89eb94e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0e81ab6f-b500-4832-a367-d889d89eb94e-003
42 B
228 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0e81ab6f-b500-4832-a367-d889d89eb94e-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug013:0:431
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Mon, 06 Dec 2021 06:12:01 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0e81ab6f-b500-4832-a367-d889d89eb94e-003
etag
RX0e81ab6fb5004832a367d889d89eb94e003
Artemis
aud.pubmatic.com/AdServer/ Frame 6156
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&addseg=11,34,40
43 B
43 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&addseg=11,34,40
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Mon, 06 Dec 2021 06:12:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 6156
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
77.243.60.138 Ballerup Municipality, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:00 GMT
frontend-id
10
location
/pubmatic/1/info2?sType=sync&sExtCookieId=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6156
95 B
455 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6b935c34eba20e12-MXP
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 6156
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
  • https://a.audrte.com/p
0
0

SPug
image4.pubmatic.com/AdServer/ Frame 6156
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-enpmg8NE2uXIUf6PabVEJVj3d2C9GUs-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-enpmg8NE2uXIUf6PabVEJVj3d2C9GUs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-enpmg8NE2uXIUf6PabVEJVj3d2C9GUs-~A&gdpr=0&gdpr_consent=
date
Mon, 06 Dec 2021 06:12:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6156
43 B
865 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:15eb:8f8e:fe0:229e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 6156
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=19cf3904-7da7-4e6a-9c07-027de25f2f9d
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkb9995cf5-30b2-4ee5-a9ef-72dad1ca4b52&expires=7&user_group=5&ssp=pubmatic&bsw_param=19cf3904-7da7-4e6a-9c07-027de25f2f9d
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19cf3904-7da7-4e6a-9c07-027de25f2f9d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19cf3904-7da7-4e6a-9c07-027de25f2f9d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:432
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19cf3904-7da7-4e6a-9c07-027de25f2f9d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 06 Dec 2021 06:12:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6156
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8091528906864552486&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8091528906864552486&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:430
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8091528906864552486&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 06 Dec 2021 06:12:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6156
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 6156
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:11:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:449
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
698588.json
cdn.thestar.com.my/Content/Text/short-with-headline/
2 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698588.json?callback=jsonCallback698588&_=1638771114822
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc00bad77745c95ef035ff451ec24834f56352318f5b5edd0b9521687eecffbd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:02 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"2e844c19adeb56f21008e9906a5003dc"
x-cache
Miss from cloudfront
x-amz-version-id
.qyLgNj0Fn9qKGOMle0xdrsMczo9gpa5
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
2013
x-amz-cf-id
0r7NB7xnFY8qKr73Xk4RH55a3PU5Q3zog_4bbOWXV6QJRoV6E7YmoA==
AdServerServlet
vid.pubmatic.com/AdServer/ Frame A8F1
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,&us_privacy=&cb=1638771121159&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.thestar.com.my%252Ftech%252Ftech-news%252F2021%252F12%252F06%252Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.thestar.com.my%252Ftech%252Ftech-news%252F2021%252F12%252F06%252Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-6%206:12:1&ranreq=0.5205677273549891&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771118805,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 4030
0
119 B
XHR
General
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=936f1032&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.190.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-190-206.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:12:02 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 4030
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1638771121&wa=0&e=96&ier=901
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:01 GMT
content-length
0
content-type
text/html
698588_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
72 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698588_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
GJ5IZmmIDyoA4TBq4tedoXVvCeKaa28V
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"f73a4c971f789f4b91c049fe074f08d8"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-238399/238400
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:12:02 GMT
accept-ranges
bytes
Content-Length
238400
x-amz-cf-id
xQkFok5WgZr0u_kA7VQBkkyHl3qi0nx1YIkb9PyOCiJRdD9g_f3KNQ==
track
aktrack.pubmatic.com/ Frame 4030
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1638771120&wa=0&e=96&ier=901
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:02 GMT
content-length
0
content-type
text/html
698586.json
cdn.thestar.com.my/Content/Text/short-with-headline/
2 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698586.json?callback=jsonCallback698586&_=1638771114823
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75a3bdc56a20b4e31a3ebb2f970e4efab54b4c339882c71e22075c88953df4f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:03 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"07ee2c47ce55efba4c9381601b4385c5"
x-cache
Miss from cloudfront
x-amz-version-id
TP7H_tsxIlROk2lq9q5UdVOy.imNBRaa
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
1807
x-amz-cf-id
6Bh4mVipBaPlP69cXZKBUdxSkuW0bUea_IPX9_aVztwUamzvP7vaMA==
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:02 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
t
t.lkqd.net/ Frame 38DC
0
166 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:12:02 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
collect
analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=2oec10&_p=664786571&sr=1600x1200&ul=en-us&cid=960081315.1638771116&_s=2&dl=https%3A%2F%2Fwww.thestar.com.my%2Ftech%2Ftech-news%2F2021%2F12%2F06%2Fap-source-nso-group-spyware-used-to-hack-us-state-department-employees&dt=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees%20%7C%20The%20Star&sid=1638771117&sct=1&seg=0&en=page_view_content&_et=2&ep.meta_page_type=Article&ep.meta_content_type=Article&ep.meta_content_id=698637&ep.meta_content_title=AP%20source%3A%20NSO%20Group%20spyware%20used%20to%20hack%20US%20State%20Department%20employees&ep.meta_content_category=Tech%2FTech%20News&ep.meta_content_author=NA&ep.meta_content_sp=NA&ep.meta_content_tier=Metered&ep.meta_content_tags=Cybersecurity%2CSmartphones%2CiOS%2CTechnology&ep.meta_content_language=English&ep.meta_content_date=2021-12-06&ep.meta_content_agency=NA&ep.meta_content_byline=ALAN%20SUDERMAN%2C%20ERIC%20TUCKER%20and%20FRANK%20BAJAK&ep.meta_content_length=Long&ep.meta_content_category_alt=&ep.meta_content_exclusive=false&ep.meta_content_classification_main=NA&ep.meta_content_classification_main_alt=NA&ep.meta_content_classification=NA&ep.meta_content_classification_alt=NA&ep.meta_content_sentiment=NA&ep.meta_content_sentiment_magnitude=NA&ep.meta_content_keyword_suggestion=NA
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
v.lkqd.net/ Frame 78A6
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=56214805&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f7c4f889efe4c089a1c58379deadf75368d88b3b31e87b652e10ca4f735c434d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:02 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
698586_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
96 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698586_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
iMvRRj8PljEL4kebvCgsVI2Fqt2JiSVc
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"fcb6fafacaff2e899b91bdd8295d1855"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-200479/200480
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:12:02 GMT
accept-ranges
bytes
Content-Length
200480
x-amz-cf-id
byyttMQPDI_qLdylWBwWeRe68pBAxenfeIRufjQpowy3gSPjZIqQNw==
vpaid.js
ad.lkqd.net/vpaid/ Frame C296
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:02 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1638771122.cds040.lo4.hn,1638771122.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 600D
5 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Mon, 06 Dec 2021 06:12:02 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1638771122.cds040.lo4.hn,1638771122.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame C296
62 KB
5 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=56214805&m=&rtv=1&thost=www.thestar.com.my
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
447959fa8f2267084e2f71c05230909045322d252f330090c4ad38d588cc40eb

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Dec 2021 06:12:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5160
ad
v.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=56214805&m=&rtv=1&thost=www.thestar.com.my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:03 GMT
content-length
0
access-control-allow-origin
https://www.thestar.com.my
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
698585.json
cdn.thestar.com.my/Content/Text/short-with-headline/
2 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698585.json?callback=jsonCallback698585&_=1638771114824
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b875ec33de25e99e1ac3a0ad42ccaef1d32a2aeeae1b94441fa7e6f08b0461ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:04 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"617c7f7d9036b3d4e4da362c88c5e5b0"
x-cache
Miss from cloudfront
x-amz-version-id
KKrsIyaxT9g0vdHHmhYGlVUwxhK3XRUa
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
1971
x-amz-cf-id
-uVOzuQK5xFQgUY03EqHJhm4Mnls-ndKcwfwdPDQ45tSO1jy3o3j3g==
cs
cs.lkqd.net/ Frame 600D
0
0

cs
cs.lkqd.net/ Frame 600D
0
0

cs
cs.lkqd.net/ Frame 600D
0
0

cs
cs.lkqd.net/ Frame 600D
0
0

cs
cs.lkqd.net/ Frame 600D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8091528906864552486
0
0

t
t.lkqd.net/ Frame 6821
0
166 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:12:03 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:03 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
v2rksPhx3veqTM-DZ1vQXLCNuEBd2TU9BqsYtULt3aOoTv2QvxLydbyDqtTzwSDcr7aPfDvb5
handyfireman.com/
216 B
615 B
Fetch
General
Full URL
https://handyfireman.com/v2rksPhx3veqTM-DZ1vQXLCNuEBd2TU9BqsYtULt3aOoTv2QvxLydbyDqtTzwSDcr7aPfDvb5
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
73608d747033f761814591dae199f31e11b93d338c4f7dd4f0ce68199c7a5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 06 Dec 2021 06:12:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Mon, 06 Dec 2021 06:12:02 GMT
v2svx4P_G2hlXf0PcUqbtKXgDyMj0Z3ffK8AsbLgpIMmSekjZbCktlz8x08RrXl3rz25frJ7d
handyfireman.com/
3 B
36 B
Fetch
General
Full URL
https://handyfireman.com/v2svx4P_G2hlXf0PcUqbtKXgDyMj0Z3ffK8AsbLgpIMmSekjZbCktlz8x08RrXl3rz25frJ7d
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 06 Dec 2021 06:12:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
tag
4cywq-eqnre.ads.tremorhub.com/ad/ Frame 0B99
119 B
467 B
XHR
General
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C58190495977382163311416969452%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7919:d06d:12c8:6304 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
tag
4cywq-eqnre.ads.tremorhub.com/ad/ Frame 0B99
119 B
467 B
XHR
General
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C5819049597738216331807018438%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7919:d06d:12c8:6304 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0B99
67 B
723 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C7240664325819049597738216331%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:12:03 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1638771123180072-529
Expires
Mon, 06 Dec 2021 06:12:03 GMT
/
adx.adform.net/adx/ Frame 0B99
65 B
621 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:03 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.thestar.com.my
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ Frame 0B99
65 B
742 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.thestar.com.my%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:03 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.thestar.com.my
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/ Frame 0B99
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=913190829&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi....
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=913190829&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.heig...
249 B
528 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=913190829&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=4375da3c-44ea-4d1e-903c-a11f231c48ae&a.is_yahoo=3&redirect_y=dHM9MTYzODc3MTEyMzM4Mi42ODQ4MTQ6YXBpZD1VUDZjNWNiNDU4LTU2NWItMTFlYy04NGQyLTA2MzRiZDcyODZhYTpyZXF1ZXN0X2lkPTQzNzVkYTNjLTQ0ZWEtNGQxZS05MDNjLWExMWYyMzFjNDhhZQ==
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
HTTP/1.1
Server
52.57.42.190 -, , ASN (),
Reverse DNS
Software
ATS/9.1.0.33 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 06 Dec 2021 06:12:03 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.thestar.com.my
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=913190829&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=4375da3c-44ea-4d1e-903c-a11f231c48ae&a.is_yahoo=3&redirect_y=dHM9MTYzODc3MTEyMzM4Mi42ODQ4MTQ6YXBpZD1VUDZjNWNiNDU4LTU2NWItMTFlYy04NGQyLTA2MzRiZDcyODZhYTpyZXF1ZXN0X2lkPTQzNzVkYTNjLTQ0ZWEtNGQxZS05MDNjLWExMWYyMzFjNDhhZQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
698585_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
71 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698585_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
opu3Z3PO2iKT2KVn28q_ftc7iopLsEMm
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"5ab0c02dd0cccf5a45f3ab86bd4666f1"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-197983/197984
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:12:03 GMT
accept-ranges
bytes
Content-Length
197984
x-amz-cf-id
6y53lsuiejx686Jnq065hEzeMXeAd5VDHqTrVqWGcfAlggm5eoVDvg==
698584.json
cdn.thestar.com.my/Content/Text/short-with-headline/
2 KB
2 KB
Script
General
Full URL
https://cdn.thestar.com.my/Content/Text/short-with-headline/698584.json?callback=jsonCallback698584&_=1638771114825
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21c0a1fe3c300bb4c792452fdea10a110a2a5ef7ffb55e0773a3d9bf0c3371f3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:05 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"90abd323c60749df30faf1a6cbdd074f"
x-cache
Miss from cloudfront
x-amz-version-id
GgbKIAMCH342T3cAwf1g27Xy4yB39NMo
cache-control
max-age=180
accept-ranges
bytes
content-type
application/json
content-length
1996
x-amz-cf-id
lZLfs20XL3HomDcl54df7_Yx54aDUulHPmZHAsMLivqFHB3OUJw8Fw==
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
t
t.lkqd.net/ Frame 6821
0
166 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:12:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame C296
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_25214542.js
vpaid.springserve.com/production/ Frame 465A
495 KB
87 KB
Script
General
Full URL
https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 18:31:49 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 18:30:16 GMT
server
AmazonS3
age
1424416
etag
W/"185feb14359001049d144410afbeaaa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
65i9OzsXSBvWpQMKPE2U9IyOEXU02uZk5MBfuzfUaJbDL7U5Nq3yoA==
t
t.lkqd.net/ Frame 6821
0
166 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thestar.com.my
date
Mon, 06 Dec 2021 06:12:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.58 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.thestar.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.thestar.com.my
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 465A
961 B
848 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771123169,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c1fac49b08d43a9f724cadb02cd4611276727a01b05714671ef77cf961cf6d43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:04 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.thestar.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
588
expires
Mon, 06 Dec 2021 06:12:04 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 465A
0
219 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.249.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-249-59.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com.my
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 465A
166 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
29e6df079ebc1c8a701aaf27c51e26663c6de2b2bed5c73a0e58193b0b4ec8c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:12:04 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e6b58c0f-2daf-4de8-8b02-896c8a55839a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 465A
165 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
63fbe115b201544bed3184d36896bfaaebb06d398713abbd902dd7e0be5046a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:12:04 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bce00a08-ba14-4c59-bafa-71ddae2cb291
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 465A
166 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
61f167192287cf9c01220d5a82b7cdc411bc3b736d893629554e0fdeaf431657
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 06:12:04 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1e9601c6-fb5e-4c7c-97bf-cad026a61d47
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame E550
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771123169,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:04 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3ECC
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771123169,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=81674
expires
Tue, 07 Dec 2021 04:53:18 GMT
date
Mon, 06 Dec 2021 06:12:04 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E550
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0,1!vidoomy.com,56965,1,1638771123169,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:04 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81674
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Tue, 07 Dec 2021 04:53:18 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3ECC
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24560831&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b12d2222994bc4c831cdb6365e92f51c65355dc78c7bc2474bb6d0e17bb79791

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1687
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame B9CB
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
93 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:03 GMT
content-type
text/html; charset=utf-8
x-lat
amspug003:2:285
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Mon, 06 Dec 2021 06:12:04 GMT
server
_
sync
sync.srv.stackadapt.com/ Frame 3403
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 26B4
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AsUOdrFD46YtLr4JN57cX72U
42 B
371 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AsUOdrFD46YtLr4JN57cX72U
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 06 Dec 2021 06:12:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug008:0:414
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 06 Dec 2021 06:12:04 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AsUOdrFD46YtLr4JN57cX72U
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame DF01
0
0

dpe
ad4m.at/ad/ Frame C588
15 B
915 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 06 Dec 2021 06:12:04 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b935c48080e3743-MXP
cookiesync
core.iprom.net/ Frame FD13
0
0
Document
General
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
avatar-fb330004f061@version_1.362v2
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Mon, 06 Dec 2021 06:12:04 GMT
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 784B
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=37e80a71-60c0-4926-9e53-eee83481a070-tuct8a72f34&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
0

ids
idsync.frontend.weborama.fr/ Frame 3ECC
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2152235026
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=EA7908DC-5DCE-4164-90E2-E0E45F8D6F1E
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 3ECC
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e26dcc68-62b0-4c2f-b377-3b1eec83131c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e26dcc68-62b0-4c2f-b377-3b1eec83131c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 06:12:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:337
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e26dcc68-62b0-4c2f-b377-3b1eec83131c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 06 Dec 2021 06:12:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
getuid
secure.adnxs.com/ Frame 3ECC
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
0
0

d1ba4609
rtb.gumgum.com/getuid/ Frame 3ECC
35 B
238 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 06:12:04 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
698584_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/
99 KB
0
Media
General
Full URL
https://cdn.thestar.com.my/Content/Audio/short-with-headline/698584_v1.mp3
Requested by
Host: www.thestar.com.my
URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
yTearghY9xmWfcOhksfZtlMdZcOvqrG7
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 04:23:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"86bc5078de1b41e60eeda80e74195171"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-217183/217184
cache-control
max-age=180
date
Mon, 06 Dec 2021 06:12:04 GMT
accept-ranges
bytes
Content-Length
217184
x-amz-cf-id
5YmiVPwfNLg3A_bqPzX5RjcnDoUrZaILWNj4t4jOs6xCW0-b7ZT_nQ==
698583.json
cdn.thestar.com.my/Content/Text/short-with-headline/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.



707 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


95 Cookies


5 Console Messages

Source Level URL
Text
deprecation warning URL: https://www.thestar.com.my/tech/tech-news/2021/12/06/ap-source-nso-group-spyware-used-to-hack-us-state-department-employees(Line 9)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
security error URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7762759255349788672/index.html".
security error URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8041232346273284096/index.html".
security error URL: https://c9785ada00ff4658f99543aaba6c90ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/261053816168775680/index.html".
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
