www.nst.com.my Open in urlscan Pro
2606:4700::6812:51c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Submission: On June 21 via api (June 21st 2024, 9:22:12 pm UTC) from US — Scanned from DE

Summary HTTP 289 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 32 domains to perform 289 HTTP transactions. The main IP is 2606:4700::6812:51c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nst.com.my. The Cisco Umbrella rank of the primary domain is 304177.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2023. Valid for: a year.

This is the only time www.nst.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700::68... 2606:4700::6812:51c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
50	104.18.4.28 104.18.4.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.230.228.32 54.230.228.32	16509 (AMAZON-02) (AMAZON-02)
1	18.239.18.78 18.239.18.78	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:10d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	104.18.5.28 104.18.5.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
53	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	23.32.224.239 23.32.224.239	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
6	34.87.4.75 34.87.4.75	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.19.165.229 52.19.165.229	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2729:800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.156.64.193 18.156.64.193	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:239... 2600:9000:2394:d000:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
2	18.165.242.4 18.165.242.4	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.78.73.124 104.78.73.124	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 3	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
4	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2600:9000:225... 2600:9000:225b:d400:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
56	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
6	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
7	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.197.189.6 54.197.189.6	14618 (AMAZON-AES) (AMAZON-AES)
5	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1 3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
6	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:9d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
289	54

10 2606:4700::6812:51c (United States)

ASN13335 (CLOUDFLARENET, US)

www.nst.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nst.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 104.18.4.28 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.nst.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nst.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-32.muc50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-78.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:10d2 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.mediaprimaplus.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heartbeat.mediaprimaplus.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.5.28 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.nst.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.224.239 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-224-239.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.87.4.75 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 75.4.87.34.bc.googleusercontent.com

mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.165.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-165-229.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2729:800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.64.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-64-193.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2394:d000:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.242.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-242-4.lhr61.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.78.73.124 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a104-78-73-124.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.132 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225b:d400:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

newstraitstimesmalaysia.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
locationv2.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f206.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.189.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-189-6.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

newstraitstimesmalaysia.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
carrier.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9d6 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.revid.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 844 trc.taboola.com — Cisco Umbrella Rank: 711 trc-events.taboola.com — Cisco Umbrella Rank: 2315 am-trc-events.taboola.com — Cisco Umbrella Rank: 18530 15.taboola.com — Cisco Umbrella Rank: 7263 images.taboola.com — Cisco Umbrella Rank: 1555 vidstat.taboola.com — Cisco Umbrella Rank: 3898 pips.taboola.com — Cisco Umbrella Rank: 1642 cds.taboola.com — Cisco Umbrella Rank: 1761 imprammp.taboola.com — Cisco Umbrella Rank: 23832 am-vid-events.taboola.com — Cisco Umbrella Rank: 22734 am-match.taboola.com — Cisco Umbrella Rank: 24583	2 MB
61	nst.com.my www.nst.com.my — Cisco Umbrella Rank: 304177 assets.nst.com.my — Cisco Umbrella Rank: 342812	3 MB
12	useinsider.com newstraitstimesmalaysia.api.useinsider.com — Cisco Umbrella Rank: 698710 carrier.useinsider.com — Cisco Umbrella Rank: 36745 segment.api.useinsider.com — Cisco Umbrella Rank: 21217 locationv2.api.useinsider.com — Cisco Umbrella Rank: 23012 log.api.useinsider.com — Cisco Umbrella Rank: 25371 hit.api.useinsider.com — Cisco Umbrella Rank: 18626	135 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	23 KB
9	google.com 4 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744 www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3125	129 KB
9	gstatic.com fonts.gstatic.com	282 KB
8	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	176 KB
7	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5168 buttons-config.sharethis.com — Cisco Umbrella Rank: 5857 l.sharethis.com — Cisco Umbrella Rank: 5781 platform-cdn.sharethis.com — Cisco Umbrella Rank: 12014	51 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 c.clarity.ms — Cisco Umbrella Rank: 1434 o.clarity.ms — Cisco Umbrella Rank: 12392	28 KB
6	elastic-cloud.com mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com — Cisco Umbrella Rank: 531570	7 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	470 KB
5	btloader.com btloader.com — Cisco Umbrella Rank: 1087 api.btloader.com — Cisco Umbrella Rank: 1198	19 KB
4	google.de www.google.de — Cisco Umbrella Rank: 8088	255 B
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	5 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	79 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1688 mab.chartbeat.com — Cisco Umbrella Rank: 2945	35 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 621 ut.pubmatic.com — Cisco Umbrella Rank: 7719	173 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	8 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 188	3 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	1 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137	197 KB
2	mediaprimaplus.com.my ad.mediaprimaplus.com.my — Cisco Umbrella Rank: 323247 heartbeat.mediaprimaplus.com.my — Cisco Umbrella Rank: 314571	47 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1285 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1104	19 KB
1	revid.my hb.revid.my — Cisco Umbrella Rank: 336630
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 324	32 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1451	201 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 224	766 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1797	4 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 493	446 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
0	mediaprimalabs.com Failed podcast.mediaprimalabs.com Failed
289	32

	Domain	Requested by
52	assets.nst.com.my	www.nst.com.my assets.nst.com.my
51	am-trc-events.taboola.com	cdn.taboola.com
36	images.taboola.com
14	cdn.taboola.com	www.nst.com.my cdn.taboola.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
9	fonts.gstatic.com	fonts.googleapis.com
9	www.nst.com.my	www.nst.com.my assets.nst.com.my static.cloudflareinsights.com
6	www.facebook.com
6	mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com	assets.nst.com.my
5	www.googletagmanager.com	www.nst.com.my www.googletagmanager.com
4	log.api.useinsider.com
4	platform-cdn.sharethis.com
4	www.google.de
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	www.googleadservices.com	www.googletagmanager.com ad.mediaprimaplus.com.my
4	connect.facebook.net	www.nst.com.my connect.facebook.net
3	trc-events.taboola.com
3	www.google.com	3 redirects
3	googleads.g.doubleclick.net	3 redirects
3	api.btloader.com	btloader.com
3	fonts.googleapis.com	www.nst.com.my assets.nst.com.my
2	hit.api.useinsider.com	newstraitstimesmalaysia.api.useinsider.com
2	carrier.useinsider.com	newstraitstimesmalaysia.api.useinsider.com
2	o.clarity.ms	www.clarity.ms
2	region1.analytics.google.com	1 redirects www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	newstraitstimesmalaysia.api.useinsider.com	www.googletagmanager.com newstraitstimesmalaysia.api.useinsider.com
2	trc.taboola.com	cdn.taboola.com
2	www.clarity.ms	www.nst.com.my www.clarity.ms
2	sb.scorecardresearch.com	www.nst.com.my
2	static.chartbeat.com	www.googletagmanager.com www.nst.com.my
2	ad-delivery.net
2	ads.pubmatic.com	www.nst.com.my ads.pubmatic.com
2	pagead2.googlesyndication.com	www.nst.com.my pagead2.googlesyndication.com
2	securepubads.g.doubleclick.net	www.nst.com.my securepubads.g.doubleclick.net
2	btloader.com	www.nst.com.my
1	hb.revid.my	heartbeat.mediaprimaplus.com.my
1	am-match.taboola.com	vidstat.taboola.com
1	am-vid-events.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	locationv2.api.useinsider.com	newstraitstimesmalaysia.api.useinsider.com
1	segment.api.useinsider.com	newstraitstimesmalaysia.api.useinsider.com
1	www.googletagservices.com	www.nst.com.my
1	ut.pubmatic.com	ads.pubmatic.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	vidstat.taboola.com	cdn.taboola.com
1	15.taboola.com	cdn.taboola.com
1	region1.google-analytics.com
1	ping.chartbeat.net
1	c.bing.com	1 redirects
1	mab.chartbeat.com	static.chartbeat.com
1	a.teads.tv	www.googletagmanager.com
1	heartbeat.mediaprimaplus.com.my	www.googletagmanager.com
1	gum.criteo.com	cdn.taboola.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	ad.doubleclick.net
1	ad.mediaprimaplus.com.my	www.nst.com.my
1	tags.crwdcntrl.net	www.nst.com.my
1	platform-api.sharethis.com	www.nst.com.my
1	static.cloudflareinsights.com	www.nst.com.my
0	podcast.mediaprimalabs.com Failed	www.nst.com.my
289	65

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com
www.audioplus.audio
vouchers.nst.com.my
www.xiaohongshu.com
fragebogen.geers.de
popup.taboola.com
cdn.gsght.com
www.aroundhome.de
das-solar-portal.de
shop.rewe.de
quelancepitylus.com
www.faltenfreialtern.com
de.search.yahoo.com
eu-play.sunrisevillagegame.com
yuma.de
www.zaun-idee.de
lhlrtvx.com
apothekenaratgeber.de
www.fensterversand.com
apps.apple.com
play.google.com
appgallery5.huawei.com
digital.nstp.com.my

Subject Issuer	Validity	Valid
nst.com.my Cloudflare Inc ECC CA-3	`2023-07-11` - `2024-07-09`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
mediaprimaplus.com.my Cloudflare Inc ECC CA-3	`2023-07-01` - `2024-06-30`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.asia-southeast1.gcp.elastic-cloud.com R10	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-12-05` - `2024-12-04`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
revid.my Cloudflare Inc ECC CA-3	`2023-12-31` - `2024-12-30`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Frame ID: 2B75AACDD5B17B33306CB29C64B60EC7
Requests: 279 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 50D0C551DF9465DD439AC5956F0F73C4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: AB157056BED1968E55805FC3DFFAF441
Requests: 1 HTTP requests in this frame

Frame: https://newstraitstimesmalaysia.api.useinsider.com/worker-new.html
Frame ID: 716BE74EFFD68BB8FE38484D048A9A3D
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66630942&crid=6976096&dast=V9TmYCABYDABEu1bRZ0a3UBAARLtW0WdGt1AUAAAAABgYA9AcAJORYGRYL13CtWrgsa9HCYnNLTCuXW2RcLQwzh8e3GdmMAEACk5VttJyY1irPzLAWrWbOtXCyXK4VNottNHMNVrPJYgoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsA1tB0Onyue73u97vLPae7xu-2q51_ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLYDAAAAAMADAICaHBgEwA8gAEAEAAAAAIAEAAAAAAAFQEAFwL8FgMAFAAAAAAAGAMCCNI0GAAAUBwBCel6Ws99o9wcAAMBDBAgAAIAABgkAQIKAewkAgIzQ-wkAAAAAAAAAAAALwP___38MwAB-rYcMAAFBXXUPAMCDDwDAAxEAQAGMYREAIwAAAAAAqP8DtiOASQCdAFABWFQBAAAQpFsBAFwBAAAEQPK0Tp6HAQAAABiMASzQw-L3mx12jd_tMgAAAAAAAAAAADOA_zOAfzQAoSZXijQAIHuKPTWAX0AAgDWAX0AAADYAdQMAAHgDEIADCDoAglYMBqsDUIjdcLbYDTeDwewAAAAAAO4A_v____UAQGJlWk4cxtFgZNtYDMvhbOFwrkw2k8m2cowmg4X3AA7wGLkcU03A-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICazAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwIxtNfF4Nja3crKauUWT3catXC5sa91iMlxuNqvFZrJxi14f08k28412Ky8CBPruRXCRTiQv29tlcjp8lr_r8Ja7fJ_T5eE0fU5Pt8tzEUs0J4t0IhFLBKeLdCJ6GU8XsUTytEgnipHFt3EZNivfwmbcjFyj0cxh8UycI-NoZJmMdhOxRGm6SCd6ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLao_wjAgIO5ZLWa6-aKwXCVAAAAAAAAAAAAlgA2AQAAAAA4AQxqOVjtRssFALggltcF-LmsD9lQO53bBQhLOpSPx9MNPwbokJft7TI5HT7L33V4y12-z-nycJo-p6fb5bkyAMAFcTszwGYAzwAEsVarZQ0AAAAggA0AAAAQwA2gG4A3gIDzOg7w____vw8ANIVbL_zIlcIPUBCD4XCyfwAAAQqxVqvl88VarZZAwP___z9BAAAAAAAAgIpgQkCFAIMhWv5ulxcCAg!&cmcv=&pix=undefined&cb=1719004927678&uv=3406&tms=1719004927678&abt=adxsub-out_vA!adxsub-out_vB!pl157290-537_vB!tbt_loaf_fader!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=d1e01a58-5ae2-4abf-b4ee-d85a0fac73df&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: FD0A190123F5A7D359A255712D596F2B
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9TmYCABYDABEu1bRZ0a3UBAARLtW0WdGt1AUAAAAABgYA9AcAJORYGRYL13CtWrgsa9HCYnNLTCuXW2RcLQwzh8e3GdmMAEACk5VttJyY1irPzLAWrWbOtXCyXK4VNottNHMNVrPJYgoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsA1tB0Onyue73u97vLPae7xu-2q51_ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLYDAAAAAMADAICaHBgEwA8gAEAEAAAAAIAEAAAAAAAFQEAFwL8FgMAFAAAAAAAGAMCCNI0GAAAUBwBCel6Ws99o9wcAAMBDBAgAAIAABgkAQIKAewkAgIzQ-wkAAAAAAAAAAAALwP___38MwAB-rYcMAAFBXXUPAMCDDwDAAxEAQAGMYREAIwAAAAAAqP8DtiOASQCdAFABWFQBAAAQpFsBAFwBAAAEQPK0Tp6HAQAAABiMASzQw-L3mx12jd_tMgAAAAAAAAAAADOA_zOAfzQAoSZXijQAIHuKPTWAX0AAgDWAX0AAADYAdQMAAHgDEIADCDoAglYMBqsDUIjdcLbYDTeDwewAAAAAAO4A_v____UAQGJlWk4cxtFgZNtYDMvhbOFwrkw2k8m2cowmg4X3AA7wGLkcU03A-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICazAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwIxtNfF4Nja3crKauUWT3catXC5sa91iMlxuNqvFZrJxi14f08k28412Ky8CBPruRXCRTiQv29tlcjp8lr_r8Ja7fJ_T5eE0fU5Pt8tzEUs0J4t0IhFLBKeLdCJ6GU8XsUTytEgnipHFt3EZNivfwmbcjFyj0cxh8UycI-NoZJmMdhOxRGm6SCd6ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLao_wjAgIO5ZLWa6-aKwXCVAAAAAAAAAAAAlgA2AQAAAAA4AQxqOVjtRssFALggltcF-LmsD9lQO53bBQhLOpSPx9MNPwbokJft7TI5HT7L33V4y12-z-nycJo-p6fb5bkyAMAFcTszwGYAzwAEsVarZQ0AAAAggA0AAAAQwA2gG4A3gIDzOg7w____vw8ANIVbL_zIlcIPUBCD4XCyfwAAAQqxVqvl88VarZZAwP___z9BAAAAAAAAgIpgQkCFAIMhWv5ulxcCAg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 7760E67529128176BD53806E64A90AE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

#NSTviral: Panic as LRT ride takes passengers 'through hell'

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

289
Requests

98 %
HTTPS

45 %
IPv6

32
Domains

65
Subdomains

54
IPs

10
Countries

6577 kB
Transfer

13465 kB
Size

28
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/nstonline/

Search URL Search Domain Scan URL

URL: https://twitter.com/NST_Online

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nstonline/?hl=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCsWp7U58TZM8uOYtRrAqWhg

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@nstonline

Search URL Search Domain Scan URL

URL: https://www.audioplus.audio/
Title: Get Audio+

Search URL Search Domain Scan URL

URL: https://vouchers.nst.com.my/
Title: Vouchers

Search URL Search Domain Scan URL

URL: https://www.xiaohongshu.com/explore/667270a4000000001c02ae45?app_platform=ios&app_version=8.40&share_from_user_hidden=true&type=video&author_share=1&xhsshare=CopyLink&shareRedId=N0pDNDw7SE42NzUyOTgwNjY0OTc8SDw-&apptime=1718780699
Title: XiaoHongShu account

Search URL Search Domain Scan URL

URL: https://fragebogen.geers.de/hoergeraete-testen-mvp-loc/
Title: GEERS

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=revmediagroup-newstraitstimes&utm_medium=referral&utm_content=thumbnails-4x1:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://cdn.gsght.com/c/cbqqov
Title: Star Trek Fleet Command

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/treppenlift/formular/
Title: Treppenlift-Vergleich

Search URL Search Domain Scan URL

URL: https://das-solar-portal.de/top-photovoltaik-tab/
Title: Das Solar Portal

Search URL Search Domain Scan URL

URL: https://shop.rewe.de/
Title: REWE. Dein Markt.

Search URL Search Domain Scan URL

URL: https://quelancepitylus.com/8eb0c9c2-407c-4232-99ee-0c4ce5fff87d
Title: Knauermann

Search URL Search Domain Scan URL

URL: https://www.faltenfreialtern.com/anti-falten-trick/
Title: Endlich Faltenfrei

Search URL Search Domain Scan URL

URL: https://de.search.yahoo.com/yhs/search
Title: Treppenlifte | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/advertorial/solaranlage/kosten/
Title: Solaranlagen

Search URL Search Domain Scan URL

URL: https://eu-play.sunrisevillagegame.com/
Title: Sunrise Village

Search URL Search Domain Scan URL

URL: https://yuma.de/pages/strom-spar-checker
Title: Yuma

Search URL Search Domain Scan URL

URL: https://www.zaun-idee.de/
Title: Zaun-Idee GmbH

Search URL Search Domain Scan URL

URL: https://lhlrtvx.com/click
Title: Apotheken-Ratgeber | Kollagen

Search URL Search Domain Scan URL

URL: https://apothekenaratgeber.de/was-selbst-kourtney-kardashian-nicht-uber-kollagen-weis-tb/
Title: Apotheken-Ratgeber

Search URL Search Domain Scan URL

URL: https://www.fensterversand.com/taboola-energiesparfenster.php
Title: fensterversand.com

Search URL Search Domain Scan URL

URL: https://apps.apple.com/my/app/new-straits-times/id1033411389

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.nstp.nst

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101980395

Search URL Search Domain Scan URL

URL: https://apps.apple.com/my/app/new-straits-times-epaper/id527144475

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=team.vc.nstnews

Search URL Search Domain Scan URL

URL: http://vouchers.nst.com.my/
Title: Voucher

Search URL Search Domain Scan URL

URL: http://digital.nstp.com.my/nst/includes/shop/list_products.jsp?testata=nstnews&id=nstnews&utm_source=subscription&utm_medium=klik&utm_term=hm&utm_campaign=nstnews
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=revmediagroup-newstraitstimes&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI663wr9DthgMVWkYdCR0Ggwd6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv HTTP 302
https://www.google.com/pagead/1p-conversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI663wr9DthgMVWkYdCR0Ggwd6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSGwDaQooL2pD1fgH-O0xYD7j20az4ECwlK2VNpg&random=976428433 HTTP 302
https://www.google.de/pagead/1p-conversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI663wr9DthgMVWkYdCR0Ggwd6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSGwDaQooL2pD1fgH-O0xYD7j20az4ECwlK2VNpg&random=976428433&ipr=y

Request Chain 108

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=676D2EFB63B54EA4A9DF95736393A46C&RedC=c.clarity.ms&MXFR=261FCEEF8CD46C00135FDA4A88D4620E HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=676D2EFB63B54EA4A9DF95736393A46C&MUID=1493AFAE0E966C2D2BAABB0B0F3A6D0D

Request Chain 119

https://region1.analytics.google.com/g/collect?v=2&tid=G-81X23X7WB2&gtm=45je46j0v9103255710z871326797za200zb71326797&_p=1719004925732&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=272305809.1719004926&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719004926&sct=1&seg=0&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&en=page_view&_fv=2&_ss=2&_c=1&ep.login_status=not%20logged%20in&ep.editorial_type=editorial&ep.article_author=Najihah%20Borhan&ep.photographer_name=n%2Fa&ep.publication_date=2024-06-20&ep.publication_time=12%3A41%3A23%2B08%3A00&ep.number_of_words=n%2Fa&ep.content_category=nst-viral&ep.hit_timestamp=2024-06-21T23%3A22%3A06.155%2B02%3A00&ep.pagetype=article&ep.keyword_list_hit_scope=passengers%2C%20panic%2C%20inferno%2C%20Chan%20Sow%20Lin%2C%20nstviral%2C%20LRT%20ride&ep.article_id=n%2Fa&ep.site_name=NST%20Online&ep.modified_date=2024-06-20&ep.modified_time=13%3A13%3A07%2B08%3A00&ep.description=KUALA%20LUMPUR%3A%20Terrified%20passengers%20described%20it%20as%20%E2%80%9Ca%20ride%20through%20hell%E2%80%9D%2C%20when%20the%20Light%20Rail%20Transit%20(LRT)%20train%20they%20were%20in%20passed%20by%20a%20raging%20inferno%20in%20Pudu%20on%20Tuesday.&up.custom_user_id=n%2Fa&tfd=1856&_z=sendBeacon HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=272305809.1719004926&dbk=13219721623112967342&dma=1&dma_cps=sypham&en=page_view&gtm=45je46j0v9103255710z871326797za200zb71326797&npa=1&tid=G-81X23X7WB2&dl=https%3A%2F%2Fwww.nst.com.my%3F

Request Chain 135

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=rqiqCNqRqtsCEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&value=0&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChEI8MnUswYQlbq9t-fAoJPaARIdAGZsmNjoBYskl9y6psCu6g9DTn6j9WxzVHEpkrg&pscrd=IhMI39easNDthgMVPUYdCR3JcA2JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv HTTP 302
https://www.google.com/pagead/1p-conversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=rqiqCNqRqtsCEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&value=0&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI39easNDthgMVPUYdCR3JcA2JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLem0dLimIRgX87I91QHEZuupK_OO502h6wCKTUQMM0OnvilhY&eitems=ChEI8MnUswYQlbq9t-fAoJPaARIdAGZsmNix-EH40SbvQi-VCbeu6LBQWAvorTzTnlI&random=1295595439 HTTP 302
https://www.google.de/pagead/1p-conversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=rqiqCNqRqtsCEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&value=0&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI39easNDthgMVPUYdCR3JcA2JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLem0dLimIRgX87I91QHEZuupK_OO502h6wCKTUQMM0OnvilhY&eitems=ChEI8MnUswYQlbq9t-fAoJPaARIdAGZsmNix-EH40SbvQi-VCbeu6LBQWAvorTzTnlI&random=1295595439&ipr=y

Request Chain 285

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI-932sNDthgMVFUkdCR1_5AC8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv HTTP 302
https://www.google.com/pagead/1p-conversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI-932sNDthgMVFUkdCR1_5AC8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLJgg-2TwPsrHHPqAEV1gdiunWBpc5_3LZfQf22IvhdUE8jv2x&random=3319945084 HTTP 302
https://www.google.de/pagead/1p-conversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI-932sNDthgMVFUkdCR1_5AC8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLJgg-2TwPsrHHPqAEV1gdiunWBpc5_3LZfQf22IvhdUE8jv2x&random=3319945084&ipr=y

289 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request nstviral-panic-lrt-ride-takes-passengers-through-hell Show response
www.nst.com.my/news/nst-viral/2024/06/1065932/ 74 KB
16 KB 221ms
103ms Document
text/html 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364b1cd8e0f073cfdfe8e5af84684f28dfab5ab806b0f4c2501fb739f6849183

Security Headers

Name	Value
Strict-Transport-Security	max-age=1000
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 43
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=30
cf-cache-status: HIT
cf-ray: 89770d4d6b86bbef-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Jun 2024 21:22:05 GMT
expires: Fri, 21 Jun 2024 21:22:35 GMT
last-modified: Fri, 21 Jun 2024 21:17:42 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=1000
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: ALLOW
x-frame-options: allow-from http://digital.nstp.com.my/
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
assets.nst.com.my/assets/js/desktop/ 1 MB
355 KB 120ms
90ms Script
application/javascript 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12a4d8c651dafd0f200902ea15b70365e6b2107f56c126f705796b1d5ced6b80

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718697360
age: 306982
x-guploader-uploadid: ACJd0NqMqr98prudVI2Alj_7n8DzIXHaWfIsJvaqUP-n0BSaATACq9popTdK7ECi08Ib8MMROpM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 18 Jun 2024 07:56:15 GMT
server: cloudflare
etag: W/"4022ad2b98707f9801da867d9b5eea47"
vary: Accept-Encoding
x-goog-generation: 1718697374946594
content-language: en
access-control-allow-origin: *
x-goog-hash: crc32c=y4/04Q==, md5=QCKtK5hwf5gB2oZ9m17qRw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: application/javascript
x-goog-stored-content-length: 1262511
x-frame-options: allow-from http://digital.nstp.com.my/
cf-ray: 89770d4e4cbcbbef-FRA
expires: Fri, 21 Jun 2024 22:22:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 142ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97ce8b766c7dc15d080e093d6f2199a830fe8fd55fb798b8a1d4c0f583cece04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:22:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 21:22:05 GMT

GET
H2 200 libraries.css
assets.nst.com.my/assets/css/ 92 KB
17 KB 104ms
74ms Stylesheet
text/css 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nst.com.my/assets/css/libraries.css?id=7979572225756f8aee4c

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb5e61cae897b70f29ed1ae87775f171cd4c40bbb1d337086443b9bde31090a

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715069638
age: 265093
x-guploader-uploadid: ABPtcPp7VLVEYobqSjwC4QCP8ikwomtqWvx3VUn4qyTPkXOPcHyPr1UN97KODTTKzi6vhetOMvM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 07:31:43 GMT
server: cloudflare
etag: W/"0e735ddc863af455893937f6c53a4344"
vary: Accept-Encoding
x-goog-generation: 1715069645950113
content-language: en
content-type: text/css
x-goog-hash: crc32c=C86+YQ==, md5=DnNd3IY69FWJOTf2xTpDRA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 94124
access-control-allow-origin: *
x-frame-options: allow-from http://digital.nstp.com.my/
cf-ray: 89770d4e4cb7bbef-FRA
expires: Fri, 21 Jun 2024 22:22:05 GMT

GET
H2 200 app.css
assets.nst.com.my/assets/css/desktop/ 185 KB
32 KB 112ms
82ms Stylesheet
text/css 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nst.com.my/assets/css/desktop/app.css?id=c7bf67ca33173e26b2ad

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11fd42f60a17f097550a431f9156f12542e2916a77510b63bee66fe9d9ee2b03

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715585493
age: 140378
x-guploader-uploadid: ABPtcPrBocDtKwllkVrpKk77phKBrL_Mo3lIKpJslt3aZi9Om_uaX-DNaKS3Kd0JqGqq44lM-z0CoJEOzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 07:31:43 GMT
server: cloudflare
etag: W/"c7bf67ca33173e26b2ada40fd3990842"
vary: Accept-Encoding
x-goog-generation: 1715585503032112
content-language: en
content-type: text/css
x-goog-hash: crc32c=zOXM0w==, md5=x79nyjMXPiayraQP05kIQg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 189877
access-control-allow-origin: *
x-frame-options: allow-from http://digital.nstp.com.my/
cf-ray: 89770d4e4cb9bbef-FRA
expires: Fri, 21 Jun 2024 22:22:05 GMT

GET
H2 200 tiktok-logo-white.png
assets.nst.com.my/assets/ 2 KB
3 KB 152ms
122ms Image
image/webp 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/tiktok-logo-white.png?id=676e6b293a0a0f76083e

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fdafb36f6618424a5130b2b045d22f2b37fd35c312697d20003c025edecffee

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 278089
x-guploader-uploadid: ABPtcPpHxZ5glYsxStt2tnwNglwW0bDO_KSzZB5n_WNk4PE34wZLC-uSbxXIVXPW_S9Qymu1nCg
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="tiktok-logo-white.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "22523f214a81c3994df0ecc57594858d"
vary: Accept
x-goog-generation: 1718004253987461
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=7939
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2194
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:14 GMT
server: cloudflare
x-goog-hash: crc32c=uPLdXg==, md5=IlI/IUqBw5lN8OzFdZSFjQ==
x-goog-stored-content-length: 7939
accept-ranges: bytes
cf-ray: 89770d4e4cc1bbef-FRA

GET
H2 200 tiktok-logo-red.png
assets.nst.com.my/assets/ 2 KB
3 KB 102ms
72ms Image
image/webp 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/tiktok-logo-red.png?id=4de7390a0eacca521dae

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d6be6eecf46c8be1a03339416200243d0c66be6b3fb207bed5b83015e531d40

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264738
x-guploader-uploadid: ABPtcPpnWwWd0c3fFqS8tRIphNhJGJenoBYP0mNeBH9uUtprLYEEs_3X1HHMNAiwrx5GqnsHpKk
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="tiktok-logo-red.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "5cc8ba68ca69ba0e35ca3af2c8df732c"
vary: Accept
x-goog-generation: 1715945365736058
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=9688
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:14 GMT
server: cloudflare
x-goog-hash: crc32c=WQGcwg==, md5=XMi6aMppug41yjryyN9zLA==
x-goog-stored-content-length: 9688
accept-ranges: bytes
cf-ray: 89770d4e4cc0bbef-FRA

GET
H2 200 audio_plus_master.png
assets.nst.com.my/assets/ 3 KB
4 KB 93ms
78ms Image
image/webp 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/audio_plus_master.png?id=633a170063b43a648dd8

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd146370354db9e3469036cff6b86e485aeea7dc325e735439cf5921859c255

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 102946
x-guploader-uploadid: ABPtcPqLJ6z5d2wHs1VmwWcvLlPHQXPpqdq0H9JxGaIvJX0VyLnuF3MwhJgZbRyBfBYPGDvXOIk
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="audio_plus_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "9423eae53ed03a8ad614212851263f0e"
vary: Accept
x-goog-generation: 1718004249044417
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=7844
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3342
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:09 GMT
server: cloudflare
x-goog-hash: crc32c=XuVcUg==, md5=lCPq5T7QOorWFCEoUSY/Dg==
x-goog-stored-content-length: 7844
accept-ranges: bytes
cf-ray: 89770d4e4cc3bbef-FRA

GET
H3 200 hotfm_red.png
assets.nst.com.my/assets/ 2 KB
3 KB 122ms
121ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/hotfm_red.png?id=7e2926041831b258e1a2

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b09a57da998ffa35150ebb61ded622d790c12a83d49dbe8c39730842add77c

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264136
x-guploader-uploadid: ABPtcPoiU8bFzzBRdSPviIXJLETZ3Zp2zcMsIhm1Ac4fn2GsNnyJn8KQw1UaVgDbaVcM5feoSVdA64NadQ
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="hotfm_red.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "4d0dac13cc9fbc9271e032635bcce3a1"
vary: Accept
x-goog-generation: 1715585504323789
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715585493
cf-polished: origFmt=png, origSize=6584
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2406
x-xss-protection: 1; mode=block
last-modified: Mon, 13 May 2024 07:31:44 GMT
server: cloudflare
x-goog-hash: crc32c=ScwfzQ==, md5=TQ2sE8yfvJJx4DJjW8zjoQ==
x-goog-stored-content-length: 6584
accept-ranges: bytes
cf-ray: 89770d4ebb98bf2a-WAW

GET
H3 200 buletinfm_master.png
assets.nst.com.my/assets/ 3 KB
4 KB 76ms
75ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/buletinfm_master.png?id=4a791378ee779b0c2f13

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922fd3b59f984f0cef887aec1f77060ca4cc20d9e521902bf25ab1ecd887b00d

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 36193
x-guploader-uploadid: ACJd0NpjWWyt8xUy_PcUrrurbtR2RRfTopBbJR-k4Ez2QvhSAhpY-Fi4iUpC4pL_Jzer7Oqn0b2yUO3ypg
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="buletinfm_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "a8ddde84ebe03db892a8a64f20f27c07"
vary: Accept
x-goog-generation: 1718004249676925
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=7681
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2882
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jun 2024 07:56:12 GMT
server: cloudflare
x-goog-hash: crc32c=wxI8TQ==, md5=qN3ehOvgPbiSqKZPIPJ8Bw==
x-goog-stored-content-length: 7681
accept-ranges: bytes
cf-ray: 89770d4ebb9abf2a-WAW

GET
H3 200 logo_eightfm_master-01.png
assets.nst.com.my/assets/ 44 KB
45 KB 123ms
121ms Image
image/png 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/logo_eightfm_master-01.png?id=b62c250e1378c15a25b1

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0e659cd697a16b25a9e3302a599e98f454e45dc5ea20becde52e3db469a2120

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715585493
age: 293910
cf-polished: origSize=98752, status=webp_bigger
x-guploader-uploadid: ABPtcPqdHAzhu4uEyH2jiFycFtr6DAL8_la2n4KyU2ePnUuIelIUC8S43n3hhWmGYiufA32EbAtYfwp_Xg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 44813
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 May 2024 07:31:45 GMT
server: cloudflare
etag: "2dd0556f64877ff03e7494d541657353"
vary: Accept-Encoding
x-goog-generation: 1715585505568270
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=zUP49w==, md5=LdBVb2SHf/A+dJTVQWVzUw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-goog-stored-content-length: 98752
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d4ebb9dbf2a-WAW
expires: Fri, 21 Jun 2024 22:22:05 GMT

GET
H3 200 flyfm_master.png
assets.nst.com.my/assets/ 5 KB
6 KB 123ms
122ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/flyfm_master.png?id=80f32289c944efe8d3af

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e431b90e5caf941cff2dc48cd72842dde4d48dd23002721ab88fb57ce3c88e50

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 16457
x-guploader-uploadid: ACJd0NreOtwRQiiRdVNY0Yf6go2xAV6mEKvFCsAob1zY8AVTX1mPxYuXcDcXT9M6QmgG2PlCOAgsCLxC5Q
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="flyfm_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "f1b273d4a13095845f2d78d401e4ca7b"
vary: Accept
x-goog-generation: 1718004250843113
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=10522
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 5390
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jun 2024 07:56:14 GMT
server: cloudflare
x-goog-hash: crc32c=lm3s+w==, md5=8bJz1KEwlYRfLXjUAeTKew==
x-goog-stored-content-length: 10522
accept-ranges: bytes
cf-ray: 89770d4ebb9ebf2a-WAW

GET
H3 200 molekfm_master.png
assets.nst.com.my/assets/ 14 KB
15 KB 124ms
122ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/molekfm_master.png?id=5bee3440a1332d730f51

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c3586bcb65622fb069a698756b5302981b05fa5623f47f38d001f9f591453a

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 293910
x-guploader-uploadid: ABPtcPrcrYkos0D4iV7I4SHFFDptSDX56lzHslgNAM-_5ZUI7UNQzshMeA3krAJOUC7WiH4KptA
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="molekfm_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "3368733a09b657e5c706f37ba3cc3263"
vary: Accept
x-goog-generation: 1718004252120457
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=27993
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 14492
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:12 GMT
server: cloudflare
x-goog-hash: crc32c=QfdPHg==, md5=M2hzOgm2V+XHBvN7o8wyYw==
x-goog-stored-content-length: 27993
accept-ranges: bytes
cf-ray: 89770d4ebba0bf2a-WAW

GET
H3 200 footer-logo.png
assets.nst.com.my/assets/ 3 KB
4 KB 77ms
76ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/footer-logo.png?id=ece9a04a00702b02644c

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a40717c9e66d212c9a11f312c0a2f56a77bf497b1214433d2c846175724e35

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 293910
x-guploader-uploadid: ABPtcPqtuGgy4B2mmV9lot3c8ju82LS5tvkoJsZUIfUK5UsLwZXvy83Bav4Aavriv4njeuTWhK_S0tCbCQ
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="footer-logo.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "405025c65ccac784f8ff10c3c2f47936"
vary: Accept
x-goog-generation: 1715945362516544
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=7268
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3110
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:11 GMT
server: cloudflare
x-goog-hash: crc32c=HA6VWg==, md5=QFAlxlzKx4T4/xDDwvR5Ng==
x-goog-stored-content-length: 7268
accept-ranges: bytes
cf-ray: 89770d4ebba2bf2a-WAW

GET
H3 200 NSTMobile.png
assets.nst.com.my/assets/ 5 KB
6 KB 128ms
127ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/NSTMobile.png?id=9fe622a75ca078d5fefd

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

164e25b728d69e104cff2679fdbe9f1bb302c63b0d48954316019b1901747bb0

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 33429
x-guploader-uploadid: ABPtcPpbIsre3OwmKeoGO3nhyilLNIQe7HhSZpYAd75lzAhC6040VpLLv6ddXTnJQUvbZVlsdwuUUEJq6Q
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="NSTMobile.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "4da7836aca91e22c5a5d55fc4679cd8c"
vary: Accept
x-goog-generation: 1713944234595569
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1713944226
cf-polished: origFmt=png, origSize=5940
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 4794
x-xss-protection: 1; mode=block
last-modified: Mon, 13 May 2024 07:31:41 GMT
server: cloudflare
x-goog-hash: crc32c=WLsoNw==, md5=TaeDasqR4ixaXVX8RnnNjA==
x-goog-stored-content-length: 5940
accept-ranges: bytes
cf-ray: 89770d4ebba3bf2a-WAW

GET
H3 200 icon-ios.png
assets.nst.com.my/assets/ 1 KB
2 KB 80ms
78ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/icon-ios.png?id=665d27c9e319c53c91c4

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264136
x-guploader-uploadid: ABPtcPr71h_0UsgKyrkvGRLzo4lt23eZmj9hqLuCN6JP4lIJixJNXUAQpCzg64XNajBzyfcIGLiwUGDALw
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="icon-ios.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "6cc153bb0ef1523ef0372097becf2374"
vary: Accept
x-goog-generation: 1715945362875192
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=4214
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1160
x-xss-protection: 1; mode=block
last-modified: Fri, 17 May 2024 11:29:23 GMT
server: cloudflare
x-goog-hash: crc32c=ZsGvHQ==, md5=bMFTuw7xUj7wNyCXvs8jdA==
x-goog-stored-content-length: 4214
accept-ranges: bytes
cf-ray: 89770d4ebba4bf2a-WAW

GET
H3 200 icon-android.png
assets.nst.com.my/assets/ 1 KB
2 KB 215ms
213ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/icon-android.png?id=0dba54f322386f13020e

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 601381
x-guploader-uploadid: ABPtcPrs8TMHzHj0TLxlYay3HlbvD3AsmsBEEPBTQnFsMyhWtcNRH1FF4X4moveJN1LKHW4APUAnd4Z6ew
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="icon-android.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "dbf7ab667897f3d44189ffc5843da36c"
vary: Accept
x-goog-generation: 1713944237140662
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1713944226
cf-polished: origFmt=png, origSize=3997
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1256
x-xss-protection: 1; mode=block
last-modified: Mon, 13 May 2024 07:31:44 GMT
server: cloudflare
x-goog-hash: crc32c=FL0LtA==, md5=2/erZniX89RBif/FhD2jbA==
x-goog-stored-content-length: 3997
accept-ranges: bytes
cf-ray: 89770d4ebba5bf2a-WAW

GET
H3 200 icon-appgallery.png
assets.nst.com.my/assets/ 2 KB
2 KB 215ms
213ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/icon-appgallery.png?id=d55a059ee197739a02c2

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca36f873de4179ff98881f5ffe29fab13c4a0327bc5539347bb4d671609b156d

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264136
x-guploader-uploadid: ABPtcPo-QL-htbNmSqQe4SFfDvzS6NoAM-yqRUbH_iBxfxUy_V9v68y-u_EZpAYJc1nyRNsGbwOj2OuqPA
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="icon-appgallery.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "d783784cf464b5b735579a5c0ca3cb02"
vary: Accept
x-goog-generation: 1715945362865461
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=3546
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1536
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:11 GMT
server: cloudflare
x-goog-hash: crc32c=u47lFg==, md5=14N4TPRktbc1V5pcDKPLAg==
x-goog-stored-content-length: 3546
accept-ranges: bytes
cf-ray: 89770d4ebba6bf2a-WAW

GET
H3 200 NSTepaper.png
assets.nst.com.my/assets/ 4 KB
5 KB 81ms
79ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/NSTepaper.png?id=59aa315f4b824baf1640

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4325234993fd7fca892b655018e0f70a51582869cb038cfdebe0576bc4154fa8

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264136
x-guploader-uploadid: ABPtcPppFIxXzzrP08eAsHSfTYtdD-FAeLNF_wW9uCJ6LJJUw86FxzCuKcHY-fTJ9aIBTmqP7Y0
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="NSTepaper.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "3c4ed95ab09b55b608264f3313031d04"
vary: Accept
x-goog-generation: 1715945359876531
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=5475
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 4188
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:08 GMT
server: cloudflare
x-goog-hash: crc32c=nISxHg==, md5=PE7ZWrCbVbYIJk8zEwMdBA==
x-goog-stored-content-length: 5475
accept-ranges: bytes
cf-ray: 89770d4ebba7bf2a-WAW

GET
H2 200 rocket-loader.min.js Show response
www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jun 2024 08:39:32 GMT
server: cloudflare
etag: W/"66729944-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 89770d4e2c91bbef-FRA
expires: Sun, 23 Jun 2024 21:22:05 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 208ms
115ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89770d4ebebb18f7-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
623 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/css/desktop/app.css?id=c7bf67ca33173e26b2ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 19:22:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 21:22:05 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 145ms
44ms Script
text/javascript 54.230.228.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-32.muc50.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:16:47 GMT
content-encoding: gzip
via: 1.1 1457b39f2ccd71582289928342a87178.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P5
age: 318
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: O8pkSYUsyfc_rJALvY6T7meZ1jDDWWOoG3LounsVrnATcdfipizwTw==

GET index.js
podcast.mediaprimalabs.com/ 0
0

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/7270/ 62 KB
19 KB 134ms
45ms Script
text/javascript 18.239.18.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/7270/lt.min.js
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-78.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 213d6561fb5f92bf4ae10fbddfbb86003461d23394f297d8aa2589d64a9d7173

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 18:42:41 GMT
content-encoding: gzip
via: 1.1 11e924fe383f6400148d019b996a5864.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 13:22:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 9565
x-amz-server-side-encryption: AES256
etag: W/"b3b734f7e3ba861ae9a00cf05881ce27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: s-qeM2_bVxFAJO2oCwPeVx0bMEX26uBQq32_PGWUSMk7LE_3dz_IBA==

GET
H2 200 tag Show response
btloader.com/ 55 KB
19 KB 140ms
53ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5076032366837760&upapi=true
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df23d2add48a1050a06835ec7001ea1b2a7d62ca1a011accbd7a1b96ed581c53

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2024 20:29:53 GMT
server: cloudflare
age: 3114
etag: "93cee8a215f59df5c53b89447e5c977a"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 89770d4fafb33737-FRA
content-length: 18777

GET
H2 200 revac.min.js Show response
ad.mediaprimaplus.com.my/ 19 KB
8 KB 622ms
504ms Script
application/javascript 2606:4700::6812:10d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.mediaprimaplus.com.my/revac.min.js

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e233b50793fa7439ab4d682ca26652341687d50278fc435f4878706812c2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-guploader-uploadid: ACJd0Np0DiJ8egC630Y9m4kQWE5iydzdhvPNaQC4c2f5BZNJTG5zPciR1pxyLbjOV9IHuM4qGKU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 29 Apr 2022 01:26:29 GMT
server: cloudflare
etag: W/"4c588091328575df9aa141fec9b135ea"
x-frame-options: SAMEORIGIN
x-goog-generation: 1651195589942021
content-type: application/javascript
x-goog-hash: crc32c=5ZKxvw==, md5=TFiAkTKFdd+aoUH+ybE16g==
cache-control: no-store
x-goog-stored-content-length: 19219
cf-ray: 89770d4fddfa382c-FRA
expires: Sat, 21 Jun 2025 21:22:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 165ms
75ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-845503338

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51f53818eacca2a923cc3ebe11ed558a480681841253f1ba3a29cf29ce314390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88943
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:06:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 21:22:05 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
32 KB 160ms
80ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5897129076752089d01127b22014f31d71f78bc74c297823eae08df185c0d83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32238
x-xss-protection: 0
server: cafe
etag: 220 / 19895 / 31084716 / config-hash: 994685364493883849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jun 2024 21:22:05 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 166ms
86ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7290637544752706

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

724a74d42f16c8ebec9346cd53593b9f32059b499473a8938bb7d5ec964c616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52850
x-xss-protection: 0
server: cafe
etag: 12872887431728518953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 21 Jun 2024 21:22:05 GMT

GET
H3 200 icofont.woff2
assets.nst.com.my/assets/css/fonts/ 525 KB
526 KB 125ms
70ms Font
application/octet-stream 104.18.5.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nst.com.my/assets/css/fonts/icofont.woff2

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/css/libraries.css?id=7979572225756f8aee4c

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.nst.com.my/assets/css/libraries.css?id=7979572225756f8aee4c
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1713944226
age: 138251
x-guploader-uploadid: ABPtcProQRM17fwrBL0Mk4RUOPSez9EXFdhf3NJYMFv1yn6aDPBiBVI1Udkyq9LJOvay2YxLL3ohVSy-oQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 537868
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 07:31:43 GMT
server: cloudflare
etag: "50a4ab76e700a83e649be213f820fbbd"
vary: Accept-Encoding
x-goog-generation: 1713944236327332
content-type: application/octet-stream
content-language: en
x-goog-hash: crc32c=i3BDpQ==, md5=UKSrducAqD5km+IT+CD7vQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 537868
access-control-allow-origin: *
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d4f98b1bfd5-WAW
expires: Fri, 21 Jun 2024 22:22:05 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 178ms
83ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b52de70853ed4bac82f0c4cc5d6c7da8d588de61d97e8c30b99e40eefcde5a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:44:43 GMT
x-content-type-options: nosniff
age: 283042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15100
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:45:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:44:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 146ms
52ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:43:19 GMT
x-content-type-options: nosniff
age: 283126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:43:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 135ms
41ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:32:50 GMT
x-content-type-options: nosniff
age: 6555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Jun 2025 19:32:50 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/ 862 KB
216 KB 133ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf209e14026261377324dcbd59c635bb682dd5dcc4b4e55393022a1d76590be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MrkkEvjEJKUiSVISMGDljgbxmNqDJ7Y0
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:05 GMT
x-amz-request-id: Q157ZHTD2DNS4N6A
age: 24
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 220865
x-amz-id-2: RkE5ZIzs5/ckC+JDiNQx3QiQg+LXMlmRVnuQsyoUk4CBtEL4UBRnyU5p+4CE7OX2Ux0IPED4r28KtMKvCTv2vnEmsciZTZtlQ3jcn945K6E=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Fri, 21 Jun 2024 09:05:43 GMT
server: AmazonS3
x-timer: S1719004926.841941,VS0,VE2
etag: "96ff5e8fd4002feed747cb860b35b2ad"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/121793/360/ 538 KB
172 KB 854ms
279ms Script
application/javascript 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 783b5c486cc38a6049a49b3098f92752a7d0a22041fb111b78962a089f48f285

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 07:29:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=36448
accept-ranges: bytes
content-length: 175732
expires: Sat, 22 Jun 2024 07:29:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 382 KB
118 KB 79ms
78ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16c655e2d9a706a8a0f109a5644ecfd4a200b16ca7734e25ea78573ef34cdce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121062
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 21:22:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 123ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 21:22:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: HPaeL0EfEogHflscD3T1YJn7JQgErD8e5elttTN/ccwZBToglGUjLMNHDuAz9K7WPH9EsC+KhON+gzVUjKPxIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406200101/ 431 KB
146 KB 189ms
110ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.nst.com.my&aplac=true&bust=31084765

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7290637544752706

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

38e9e5fdd5b94e5984d595cd002166d5bff0796b950927d00c13913d33c44262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149071
x-xss-protection: 0
server: cafe
etag: 10960646325706235967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jun 2024 21:22:05 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 40ms
40ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 11:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34402
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Jun 2025 11:48:43 GMT

GET
H2 200 tag
btloader.com/ 55 KB
36 B 51ms
51ms Other
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5076032366837760&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df23d2add48a1050a06835ec7001ea1b2a7d62ca1a011accbd7a1b96ed581c53

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2024 20:29:53 GMT
server: cloudflare
age: 3114
etag: "93cee8a215f59df5c53b89447e5c977a"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 89770d523ad53737-FRA
content-length: 18777

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 243ms
153ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5076032366837760&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 21:22:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
917 B 134ms
48ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552423
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVHpleYdqXW%2Flx46Zx6vEmF19zGRLoS%2FxrXunZ80gs9egIpLIvngibEaSSPoGtXa3ebn37NuKVJy8ThqqHHafhs%2BR7MvcUtCJIn9Bt6ddBtxJDjGgrHyYuMW3oFrif6Zy8WSAc2ZAm98iayUKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 89770d52c9cd929c-FRA
expires: Mon, 03 Jun 2024 22:33:32 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 90ms
39ms Image
image/x-icon 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 14:45:33 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 139ms
54ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7907139196137738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552423
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eq2Kav2%2BTKHBs%2BmjzkoG5vfN%2Fy80UVMhS8jvLN1xEFYk6tqkfvcZiconsEQZm57hZj96BFv4mbD%2BQNo2Yh5StbNghbuLJixuHi7jE79r%2Bx2RQkSPnvTIY70tl1T0Gxu%2Fyz6vp2tjteG8iOwNJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 89770d52c9cb929c-FRA
expires: Mon, 03 Jun 2024 22:33:32 GMT

OPTIONS
H2 200 _search
mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_branded_rec/ Frame 0
0 774ms
232ms Preflight 34.87.4.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_branded_rec/_search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.4.87.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.nst.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: https://www.nst.com.my
access-control-max-age: 60
content-length: 0
date: Fri, 21 Jun 2024 21:22:06 GMT
vary: origin
x-cloud-request-id: J-tBjTVCS_i14bsjJB1u8Q
x-found-handling-cluster: 285432a8bd274cd2934b63e199a3ae11
x-found-handling-instance: instance-0000000006

GET
H3 200 NST-Logo.png
assets.nst.com.my/assets/ 4 KB
5 KB 79ms
78ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/NST-Logo.png?id=e8c11e9a69c90c7834aa

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

663d73e795012ea95da9b2401ef9674d7e612c5e826e9d80bfe0d826289efb43

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264133
x-guploader-uploadid: ABPtcPo_TjLrMWYbWXfxVh03cC3Ll5YztcVFz2G8zg8h1kPy-qqrzoFoldv9IOI08ypoIo4hCpM
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="NST-Logo.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "db7b52f68a888c95e62b096dece48274"
vary: Accept
x-goog-generation: 1718004247924629
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=7702
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 4112
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:08 GMT
server: cloudflare
x-goog-hash: crc32c=SwKL7w==, md5=23tS9oqIjJXmKwlt7OSCdA==
x-goog-stored-content-length: 7702
accept-ranges: bytes
cf-ray: 89770d530a2bbf2a-WAW

GET
H3 200 Business-Times-Logo.png
assets.nst.com.my/assets/ 1 KB
2 KB 77ms
77ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/Business-Times-Logo.png?id=111ddd4a991cdcf4c14e

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c882583ca18b5e8a83982f3fbfead8982638ddc44b5a571591e5a86debab023

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264133
x-guploader-uploadid: ABPtcPpTjcQDUDdpKZrc_S9ocLeAplHN3kO_xDW3ntq48-52fYuxjOaC_uGE-xy-NL5LrN0jfp0
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="Business-Times-Logo.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "f0a742e25a1ab17e4ebb6f84b88109ca"
vary: Accept
x-goog-generation: 1715945359402005
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:05 GMT
date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=1779
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1334
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:08 GMT
server: cloudflare
x-goog-hash: crc32c=7uQ4Tg==, md5=8KdC4loasX5Ou2+EuIEJyg==
x-goog-stored-content-length: 1779
accept-ranges: bytes
cf-ray: 89770d530a2dbf2a-WAW

GET
H3 200 tweek2_1718858473.jpg
assets.nst.com.my/images/articles/ 54 KB
55 KB 134ms
133ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/tweek2_1718858473.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fadd9372d97ec00c15f8b51add6a2558706a2544486375b003bf48aa59d6ad86

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 41700
cf-polished: qual=85, origFmt=jpeg, origSize=144149
x-guploader-uploadid: ACJd0Np8mCA54-AF6Kg-q4etrPH3rkWvxPlyyt6InuXdXkd56044bLKjJLo3wLT9MnWCTLy-IWM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="tweek2_1718858473.webp"
alt-svc: h3=":443"; ma=86400
content-length: 55732
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 20 Jun 2024 04:41:13 GMT
server: cloudflare
etag: "e25fe4c8febf29026284740ff2c6f016"
vary: Accept
x-goog-generation: 1718858473703245
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=fbE/8A==, md5=4l/kyP6/KQJihHQP8sbwFg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 144149
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d530a2fbf2a-WAW
expires: Fri, 21 Jun 2024 22:22:05 GMT

GET
H2 200 _search Show response
mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_branded_rec/ 12 KB
4 KB 233ms
233ms XHR
application/json 34.87.4.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_branded_rec/_search
Requested by: Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.4.87.34.bc.googleusercontent.com
Software: /
Resource Hash: 24814a969a7644ab461e5bfea0e863b91c401fa85575da9048677151afc9b87b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: 9Dfa3jx6nFCQBXIMFMy6CeUlweKphVv8rNPMGtWH
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: ApiKey bFVOOUVvNEJ4N283OXQyZndCRTU6OFNOVE5uNGJTbDI2ZjVhX1dScVFhZw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: gzip
x-found-handling-instance: instance-0000000005
x-found-handling-cluster: 285432a8bd274cd2934b63e199a3ae11
vary: origin
x-elastic-product: Elasticsearch
access-control-allow-origin: https://www.nst.com.my
content-type: application/json
x-cloud-request-id: LTC7GfEKRACvzNqs7NQLdA
content-length: 3518

GET
H3 200 trending Show response
www.nst.com.my/api/ 123 KB
88 KB 85ms
85ms XHR
application/json 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/api/trending?limit=8

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a2542573bb16037c4ec284b228e30c356f71f3a088209ee8922909c8e98bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-response-encrypted: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=utf-8
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
x-request-encrypted: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:05 GMT
via: 1.1 google
x-content-type-options: ALLOW
strict-transport-security: max-age=31536000; includeSubDomains
x-response-encrypted: 1
cf-cache-status: HIT
age: 194
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jun 2024 21:16:55 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from http://digital.nstp.com.my/
content-type: application/json
cache-control: public, max-age=10
cf-ray: 89770d531a47bf2a-WAW
expires: Fri, 21 Jun 2024 21:22:15 GMT

GET
H3 200 1065932 Show response
www.nst.com.my/api/statistic/add/ 0
300 B 2167ms
2167ms XHR
text/html 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/api/statistic/add/1065932

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-response-encrypted: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=utf-8
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
x-request-encrypted: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:08 GMT
via: 1.1 google
x-content-type-options: ALLOW
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jun 2024 21:09:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from http://digital.nstp.com.my/
content-type: text/html; charset=UTF-8
cache-control: private, max-age=30
cf-ray: 89770d531a4cbf2a-WAW

GET
H3 200 trending Show response
www.nst.com.my/api/ 88 KB
62 KB 181ms
180ms XHR
application/json 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/api/trending?limit=6

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21fb3a46a5410b6155db87541340d3e9de41cd12fd00692d4e92f94c533a244c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-response-encrypted: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=utf-8
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
x-request-encrypted: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
via: 1.1 google
x-content-type-options: ALLOW
strict-transport-security: max-age=31536000; includeSubDomains
x-response-encrypted: 1
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jun 2024 21:21:56 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from http://digital.nstp.com.my/
content-type: application/json
cache-control: public, max-age=10
cf-ray: 89770d531a4fbf2a-WAW
expires: Fri, 21 Jun 2024 21:22:16 GMT

GET
H3 200 articles Show response
www.nst.com.my/api/ 156 KB
111 KB 230ms
229ms XHR
application/json 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/api/articles?sttl=true&page_size=7

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b4a953f51f1db2ff9cfaf28f2cfff3a2ea4f2bf8e9ba2f967a610c3ab2899e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-response-encrypted: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=utf-8
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
x-request-encrypted: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
via: 1.1 google
x-content-type-options: ALLOW
strict-transport-security: max-age=31536000; includeSubDomains
x-response-encrypted: 1
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jun 2024 21:21:14 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from http://digital.nstp.com.my/
content-type: application/json
cache-control: private, max-age=30
cf-ray: 89770d531a51bf2a-WAW

GET
H3 200 1065932 Show response
www.nst.com.my/api/related/ 169 KB
120 KB 1059ms
1059ms XHR
application/json 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/api/related/1065932?page_size=8

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71401ee292bb12136017228505f05856ac76e800fadee1e758462959ff9d2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-response-encrypted: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=utf-8
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
x-request-encrypted: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
via: 1.1 google
x-content-type-options: ALLOW
strict-transport-security: max-age=31536000; includeSubDomains
x-response-encrypted: 1
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jun 2024 21:11:30 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from http://digital.nstp.com.my/
content-type: application/json
cache-control: private, max-age=30
cf-ray: 89770d531a57bf2a-WAW

GET
H3 200 1065932 Show response
www.nst.com.my/api/related/ 74 KB
53 KB 872ms
872ms XHR
application/json 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/api/related/1065932?page_size=4

Requested by

Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127901a094d25099f4fe243d5536e6897a674fb96f0392223bf4933d45c09e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-response-encrypted: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=utf-8
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
x-request-encrypted: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
via: 1.1 google
x-content-type-options: ALLOW
strict-transport-security: max-age=31536000; includeSubDomains
x-response-encrypted: 1
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jun 2024 21:11:30 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from http://digital.nstp.com.my/
content-type: application/json
cache-control: private, max-age=30
cf-ray: 89770d531a59bf2a-WAW

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:21:51 GMT
x-content-type-options: nosniff
age: 280814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:21:51 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/845503338/ 3 KB
2 KB 125ms
60ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/845503338/?random=1719004925959&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-845503338

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1e434abe78389e9fb6743f2e6d22f2a148c1ce1b357cd20449ccb1559f3022c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1687
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 186ms
56ms XHR
application/json 52.19.165.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/7270/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.165.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-165-229.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: caca0ad15d602cbfdf4db636d9048bafb67e96ea6a414c956e0020265d45aadc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache
x-server: 10.45.12.199
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 favicon.ico
assets.nst.com.my/assets/ 1 KB
1 KB 174ms
174ms Other
image/vnd.microsoft.icon 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nst.com.my/assets/favicon.ico?id=559349c1e90bff2b6724

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cee74aa6741401333a88a5e506360627999e4a298f3e03cf978a4e97497b3dc

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715069633
age: 597028
x-guploader-uploadid: ABPtcPoGEMG67eJG7OPuCfSrI_hifdcW6ZWeo-UxJB9atOQtlYttpS-CtRWFkL8B9cqJFt4AuQbP5x9tAg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 07:31:44 GMT
server: cloudflare
etag: W/"0d4a8c55bbfd7d2f743b9dec38ae59c3"
vary: Accept-Encoding
x-goog-generation: 1715069646645196
content-language: en
content-type: image/vnd.microsoft.icon
x-goog-hash: crc32c=F0W7Ag==, md5=DUqMVbv9fS90O53sOK5Zww==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1150
access-control-allow-origin: *
x-frame-options: allow-from http://digital.nstp.com.my/
cf-ray: 89770d537ac0bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H2 200 64dcce8349be9c0019c45642.js Show response
buttons-config.sharethis.com/js/ 531 B
978 B 189ms
54ms Script
text/javascript 2600:9000:2729:800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/64dcce8349be9c0019c45642.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2729:800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

888418ce4f0ed190174820173aa25934ef8b60c062626727cf57784eec9ab148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:21:56 GMT
via: 1.1 f0ff45e105821feb76f7404e065f9c6e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: CDG52-P3
age: 45
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 531
last-modified: Thu, 24 Aug 2023 04:37:59 GMT
server: AmazonS3
etag: "a5111763c9a7fbcb54060dd0c00ac64d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: Q1L2u5_kENvgR5mYgpFmWwF_Em9rBsdL9mr_GROjUCwmOPdK8VaqUA==

POST
H3 204 rum Show response
www.nst.com.my/cdn-cgi/ 0
141 B 156ms
156ms XHR
text/plain 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nst.com.my/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.nst.com.my
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 89770d539af3bf2a-WAW

HEAD
H3 200 conversion_async.js
www.googleadservices.com/pagead/ 0
0 74ms
74ms Fetch
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: ad.mediaprimaplus.com.my
URL: https://ad.mediaprimaplus.com.my/revac.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19406
x-xss-protection: 0
server: cafe
etag: 17450929679873186259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Jun 2024 21:22:06 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
401 B 188ms
43ms XHR
text/plain 18.156.64.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.nst.com.my&location=%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&product=sop&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&cms=unknown&publisher=64dcce8349be9c0019c45642&sop=true&version=st_sop.js&lang=en&description=KUALA%20LUMPUR%3A%20Terrified%20passengers%20described%20it%20as%20%E2%80%9Ca%20ride%20through%20hell%E2%80%9D%2C%20when%20the%20Light%20Rail%20Transit%20(LRT)%20train%20they%20were%20in%20passed%20by%20a%20raging%20inferno%20in%20Pudu%20on%20Tuesday.&ua=%22Google%20Chrome%22%3Bv%3D%22126%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22126%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%20%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22&ua_platform_version=10.0.0&uuid=4dc4e6d9-8ff6-48a0-bb3a-5ba42419261f

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.156.64.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-64-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 21:22:06 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.nst.com.my
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 1574304145947553 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 98ms
97ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1574304145947553?v=2.9.158&r=stable&domain=www.nst.com.my&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

02d66da36fd78a6a7c74c4a049dd5ca2f918d94b810f00959815dbd8e2a7f407

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 21:22:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=64, mss=1297, tbw=63563, tp=-1, tpl=-1, uplat=56, ullat=0
pragma: public
x-fb-debug: G1ah8T7Lfh5haWT9Om9R+SXVW59CInYJE3zPOLDsMmvBac+MU4b5IiCY80Jz1eiUd47twy8lcNKCQeKeyYjPbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1009103 Show response
fundingchoicesmessages.google.com/i/ 197 KB
66 KB 189ms
90ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1009103?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e033562ad304266f55c085f02062ed357fa363096f1ad154bc3382d32b9a40c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OyptS6GsWasEjb-zi8mbSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-OyptS6GsWasEjb-zi8mbSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtHikmJw1ZBiWMS_i-m80x2m60As8fUlkwYQO6XPYA0CYp_6GawxQNx68xzrVCD-_Pgc628gTvp3nrUIiJdEXGQ9lAjEjy-yngJiIW6Of3evb2YTePByVrGSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiYGZoaWegWl8gQEApaE74A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 50D0 0
0 123ms
39ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 20
accept-ranges: bytes
access-control-allow-origin: *
age: 49431
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Fri, 21 Jun 2024 21:22:06 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: WJ7HUWSXwQk7466uNAlUKnkvOaQ+POcvqF9iHiQx6M6a4TrwqSMJNOtgmd6o8plWeZEczvb4/r4=
x-amz-replication-status: COMPLETED
x-amz-request-id: AKPH57N3AWSG1NJ9
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 31687
x-served-by: cache-fra-etou8220101-FRA
x-timer: S1719004926.209655,VS0,VE0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
446 B 135ms
42ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 306645
expires: 60

GET
H2 200 impl.20240613-38-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 41ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: msOCgMp9Z6nbCXOpVpn0WquA3P6W4tu.
content-encoding: br
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: 08YYWEEW6XV5RQV4
age: 20865
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185973
x-amz-id-2: Dk2r1nrhE2mfyxqUVYokSQlsqDdKHpx6kiet8bItjrDXaXGS/ysLXvcBi4VcUf1Hm0YYQBHa6zU=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:30:34 GMT
server: AmazonS3-br
x-timer: S1719004926.131615,VS0,VE0
etag: "042851c31b8a4c3431c8a5dc787dcb70"
vary: Accept-Encoding
content-type: application/javascript
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 32936

GET
H2 200 country Show response
api.btloader.com/ 37 B
162 B 153ms
152ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5076032366837760
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5076032366837760&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
106 KB 76ms
75ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-81X23X7WB2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3a7efde66e22853d02994c215a8fbbfbcdbfbfec3a7f22b4c637743b65451bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 21:22:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6063
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jun 2024 21:41:03 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 87ms
87ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-845503338&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6a73e1bd815396a8050c245ca195d72fbd687528a8ee214b5b3604eea5d9840f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88984
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 21:22:06 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 159ms
42ms Script
application/x-javascript 2600:9000:2394:d000:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:d000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:30:20 GMT
content-encoding: gzip
via: 1.1 b3ca057e9cdd89c43806ec06db3b4046.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: AMS1-P2
age: 17505
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: te7O5fBLo5_VVyyp4-W54d7MeQ9QWul5VBt1R-lnJp-Olb76WjQ-aQ==
expires: Sat, 22 Jun 2024 16:30:20 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 139ms
44ms Script
text/javascript 18.165.242.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.242.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-242-4.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 00:11:25 GMT
content-encoding: gzip
via: 1.1 83748dec2c3277a9909342c9aa22eb86.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 13:20:45 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P6
age: 76242
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: OOnexfeG5M6pH8zh1oVBkebmhVbEA0zvgMA5RL8xvCA3uTf0BW0Zrw==

GET
H2 200 56l9s1dacx Show response
www.clarity.ms/tag/ 718 B
1 KB 307ms
130ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/56l9s1dacx
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b995cd44d74c6ed0db1ed16d7650d33109b5fc50902ff44eaced2429f53ba1a5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 21 Jun 2024 21:22:06 GMT
x-azure-ref: 20240621T212206Z-17d856f5577q5r4r26wm4z31es00000004eg00000000ga69
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 718
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 heartbeat.min.js Show response
heartbeat.mediaprimaplus.com.my/ 110 KB
39 KB 452ms
399ms Script
application/javascript 2606:4700::6812:10d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

921e931d131b3e5df4cd700f147992c745398d7503938a1e73742fc0642a0a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-guploader-uploadid: ACJd0Nr_oKUnibn-VRe5a_zZbKX6HxYFdINg02qXV5Gu-bH3S4K4tm5oQS5JQMQg-cwob8e6ahY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 04:04:50 GMT
server: cloudflare
etag: W/"5f725977c0ffda5b4f37aba4a56c9b6c"
x-frame-options: SAMEORIGIN
x-goog-generation: 1691985890041510
content-type: application/javascript
x-goog-hash: crc32c=JcAjSg==, md5=X3JZd8D/2ltPN6ukpWybbA==
cache-control: no-store
x-goog-stored-content-length: 112773
cf-ray: 89770d550d88382c-FRA
expires: Sat, 21 Jun 2025 21:22:06 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 1136ms
278ms Script
text/javascript 104.78.73.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.78.73.124 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-78-73-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: br
last-modified: Wed, 28 Feb 2024 14:26:38 GMT
x-amz-request-id: PKACZ36PC2GTBAH7
etag: "d86492df4bad2a485597bfa437c78ad2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3393
x-amz-id-2: tMfHJY5g+NS91s4n/4Okgv+A/htCevWvm786cVBL3p3A6FPwA2kOMA+YYpiWQFySvMzN5Meit1w=

POST
H2 200 json Show response
trc.taboola.com/revmediagroup-newstraitstimes/trc/3/ 98 KB
24 KB 652ms
651ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/revmediagroup-newstraitstimes/trc/3/json?llvl=2&tim=23%3A22%3A06.116&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2215638%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1719004926116%2C%22cv%22%3A%2220240613-38-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell%22%2C%22vpi%22%3A%22%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2415%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22cd%22%3A2061.64%2C%22mw%22%3A795%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1718960740035%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0926f1edc8a63320c653332c2577bdbad5999456aa9017acf8902a72ffe871b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 611
date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-datadome: protected
cpu: 0.6020833333333333
x-fastly-to-nlb-rtt: 7439
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-etou8220159-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1719004926.244438,VS0,VS0,VE611
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.nst.com.my
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 SCAM_NSTfield_image_listing_featured_v2.var_1718992353.jpg
assets.nst.com.my/images/articles/ 81 KB
81 KB 85ms
84ms Image
image/jpeg 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/SCAM_NSTfield_image_listing_featured_v2.var_1718992353.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0681e97e806a4985a44303cc0c27ae81454524cb04097d70b3420b8a59e9e266

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 8699
cf-polished: degrade=85, origSize=89213, status=webp_bigger
x-guploader-uploadid: ACJd0NrCok3xW7oYMIZyzqqhSyTpb5AgpBnyiKBUkDIq2Bs9bS1hYVrDwTB_W-kvQ0qa2oC2pDkn_5r2Ug
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 82441
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 21 Jun 2024 17:52:33 GMT
server: cloudflare
etag: "109babbd43e2f57e83893fd5470449d3"
vary: Accept-Encoding
x-goog-generation: 1718992353156824
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=oqqhaw==, md5=EJurvUPi9X6DiT/VRwRJ0w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 89213
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d552d50bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 02immi210624sp_NSTfield_image_listing_featured_v2.var_1718984239.jpg
assets.nst.com.my/images/articles/ 41 KB
41 KB 73ms
71ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/02immi210624sp_NSTfield_image_listing_featured_v2.var_1718984239.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75932962593d42a9de6322fe349066fad1f7ae792eeb4c05bcc4a68fb0e19762

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 5489
cf-polished: qual=85, origFmt=jpeg, origSize=68014
x-guploader-uploadid: ACJd0NoC4qfRaUiDKBpiFKvVETjXbEQo2KagSC5FAhpvCWD_eiA4dNqYVKpmEXk6TjTpdeFo9qM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="02immi210624sp_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 41732
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 21 Jun 2024 15:37:19 GMT
server: cloudflare
etag: "e20d90ad8028a8c3f7dffff0eaca5dfe"
vary: Accept
x-goog-generation: 1718984239026902
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=R4bvhA==, md5=4g2QrYAoqMP33//w6spd/g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 68014
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d552d55bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 216FRAUD_NSTfield_image_listing_featured_v2.var_1718967786.jpg
assets.nst.com.my/images/articles/ 51 KB
52 KB 120ms
119ms Image
image/jpeg 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/216FRAUD_NSTfield_image_listing_featured_v2.var_1718967786.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30f6d693df2d7b86700b7e2e60987e86ab144be9031b494c335032640bd856f

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 36190
cf-polished: origSize=56135, status=webp_bigger
x-guploader-uploadid: ACJd0Npl3rNeE5KbR24lySI1DbjR0USvppvdkDaa-AaBs8kfGgBjapdMQKOpn5i9DHCVEmZUoSaDHdsrlg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 52425
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 21 Jun 2024 11:03:06 GMT
server: cloudflare
etag: "cdce789d7b9f52fff11ddd4e9773ee06"
vary: Accept-Encoding
x-goog-generation: 1718967786370447
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=3X0r2Q==, md5=zc54nXufUv/xHd1Ol3PuBg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 56135
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d552d58bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 stutt19_NSTfield_image_listing_featured_v2.var_1718860323.jpg
assets.nst.com.my/images/articles/ 30 KB
31 KB 81ms
79ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/stutt19_NSTfield_image_listing_featured_v2.var_1718860323.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d28e7fde9ab0a000874ec882b08d4f54d2343c1072b6ce03f6d47888287d35b

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 139371
cf-polished: qual=85, origFmt=jpeg, origSize=76063
x-guploader-uploadid: ACJd0NokD8DZt9SrVLUOJ2swGaS7jQlyVU6yww4QdjL0kGMnVsdDXlwdz_gv_AEpiwJDbNRQtWE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="stutt19_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30742
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 20 Jun 2024 05:12:03 GMT
server: cloudflare
etag: "26fe3cab694b844285c742ca10e0941c"
vary: Accept
x-goog-generation: 1718860323617892
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=2yGnnQ==, md5=Jv48q2lLhEKFx0LKEOCUHA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 76063
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d552d5abf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 sd20_NSTfield_image_listing_featured_v2.var_1718852835.jpg
assets.nst.com.my/images/articles/ 20 KB
20 KB 132ms
130ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/sd20_NSTfield_image_listing_featured_v2.var_1718852835.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90dc03f0cf6c32e4cecb528cb55f7ffb92b77048b8a9c9ac58226027834b4de0

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 137162
cf-polished: qual=85, origFmt=jpeg, origSize=33264
x-guploader-uploadid: ACJd0NqQ4Td6N3jRghwrlDNR1QLhqlyb87GCVpVJcP2558wCTF7NKtSEgO1deWPpFdH-t0xnS-8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="sd20_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20106
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 20 Jun 2024 03:07:15 GMT
server: cloudflare
etag: "08dfc63da53b30895fc82dccff3c14b7"
vary: Accept
x-goog-generation: 1718852835033810
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=vvkXuw==, md5=CN/GPaU7MIlfyC3M/zwUtw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 33264
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d552d5fbf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 204 pv Show response
api.btloader.com/ 0
12 B 151ms
151ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=Fs5nOD6b&w=6237670637830144&o=5076032366837760&cv=2.1.46-1-ge6dd43d&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&sid=uQpOMUTXfe&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5076032366837760&upapi=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 21:22:06 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 favicon-32x32.png
assets.nst.com.my/assets/ 676 B
1 KB 77ms
77ms Other
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nst.com.my/assets/favicon-32x32.png?id=e3df9c2919858476a26b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d2e526292f5af90a2773eac7c74907ac27d67473b8cb64612e28ad45a6a3c0

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 254452
x-guploader-uploadid: ABPtcPpbMlQUk2BMf5xlo63bDP_pJqgIKWrWXhUoeUMJfNE2gk49Oo9od73mtxSQAtLvi7qGpfIISdpRpQ
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="favicon-32x32.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "5da2bda9fe81592b66ef9f5917a7b42a"
vary: Accept
x-goog-generation: 1715945362225106
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:06 GMT
date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=1621
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 676
x-xss-protection: 1; mode=block
last-modified: Fri, 17 May 2024 11:29:22 GMT
server: cloudflare
x-goog-hash: crc32c=XgUaig==, md5=XaK9qf6BWStm759ZF6e0Kg==
x-goog-stored-content-length: 1621
accept-ranges: bytes
cf-ray: 89770d557dc7bf2a-WAW

GET
H3

200

/
www.google.de/pagead/1p-conversion/845503338/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&...
https://www.google.de/pagead/1p-conversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u...

42 B
64 B

103ms
53ms

Image
image/gif

142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI663wr9DthgMVWkYdCR0Ggwd6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSGwDaQooL2pD1fgH-O0xYD7j20az4ECwlK2VNpg&random=976428433&ipr=y

Protocol

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/845503338/?random=1087990019&cv=11&fst=1719004925959&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI663wr9DthgMVWkYdCR0Ggwd6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSGwDaQooL2pD1fgH-O0xYD7j20az4ECwlK2VNpg&random=976428433&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 404165573531277 Show response
connect.facebook.net/signals/config/ 22 KB
3 KB 197ms
196ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/404165573531277?v=2.9.158&r=stable&domain=www.nst.com.my&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

9a955f121bdfaca7819a2edd117801f048b4966496cc043188711f50eca23880

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 21:22:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4332, tp=9, tpl=0, uplat=155, ullat=1
pragma: public
x-fb-debug: VAchY7uGZYij/Mi6LwQmowUJyMRSTzYP/UF3hhhtJcyHbKkDlRq706dgOysrXTD/cL5UY4WX0wayWKI97jd9UQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 130ms
44ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1574304145947553&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&rl=&if=false&ts=1719004926326&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719004926324.964181709799176569&cs_est=true&ler=empty&cdl=API_unavailable&it=1719004926018&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 21:22:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 283ms
197ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1574304145947553&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&rl=&if=false&ts=1719004926326&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719004926324.964181709799176569&cs_est=true&ler=empty&cdl=API_unavailable&it=1719004926018&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x605d6d940ac3aa07","source_keys":["1","2"]},{"key_piece":"0xaad05e66b4c672fd","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 21:22:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383069940536635609", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=3301, tp=-1, tpl=-1, uplat=155, ullat=0
pragma: no-cache
x-fb-debug: 5CU7W/9qy+Ijfig1JQVfXyWlk/foOTVsKMcnz1nJKwGSsa/QGL9JYvhVTIGDlpomrZNojWFOEPjxLBWjc7h5QA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383069940536635609"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
744 B 139ms
40ms Image
image/svg+xml 2600:9000:225b:d400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:d400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 04:50:23 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 577903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: MLWgDJw3Kc3dvoAX5ttHOrkWMxJqv-5XiZ_EhWHiEIMdN6MXtjRsqg==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
776 B 139ms
40ms Image
image/svg+xml 2600:9000:225b:d400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:d400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:17:37 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 270
x-amz-server-side-encryption: AES256
etag: "2deb3d5121d475d195577a70b0a91a0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 368
x-amz-cf-id: z3xFb7buep-L10_KJaED8kCwaLLAaGyKafwcor510hXyyjgNPYg-mg==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 139ms
41ms Image
image/svg+xml 2600:9000:225b:d400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:d400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:45:18 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 837957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 832
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "afe7fc60ed757db39a88d2950fce69c9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: QMoPgUY3DpPYlgv4RY_7ZNzKvJroLpWLKXochBjkEBkljqNQ4JIXlw==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
767 B 120ms
41ms Image
image/svg+xml 2600:9000:225b:d400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:d400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:36:48 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2468719
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 343
x-amz-cf-id: Shl-S5L_FT1pA_TiA_2-lk0Sdns20PYDqQyK7WlbAmpqfLvAHcBEsA==

GET
H2 200 google-topics-api.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 40ms
40ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: XsvnrjNAlBw0a9taDHAzCIHEkXPBbcXh
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: 435B5WX6BW6T7803
age: 452807
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 980
x-amz-id-2: LBh/ZOJx32g4Jd3eQnbjkkRZGndGm6ejZxCL+CERJUfBrW4DYXvnJsVWEp3GVu8dyvfdGUWVJGY=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:35:17 GMT
server: AmazonS3
x-timer: S1719004926.388562,VS0,VE0
etag: "ffe1084a0475919857c0fccef40b2f0e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 141581

GET
H2 204 debug
trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
90 B 164ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.372&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22container%22%3A%22taboola-below-article-thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9616&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44488

GET
H2 204 debug
trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 164ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.377&type=info&msg=Below%20Article%20Thumbnails%20thumbnails-a&llvl=2&id=1730&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44488

GET
H2 204 debug
trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 83ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.379&type=info&msg=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&llvl=2&id=4823&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44488

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 57ms
57ms Image
text/plain 18.165.242.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1719004926410&ns_c=UTF-8&c7=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&c8=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.242.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-242-4.lhr61.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
via: 1.1 83748dec2c3277a9909342c9aa22eb86.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: LHR61-P6
x-amz-cf-id: MV4lEgKARQ6IH9MB_ZJ0woz2rCUWSrVAg9agtS5yFRucHA4Eqe_AaQ==
x-cache: Miss from cloudfront

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Jun 2024 22:20:08 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 45ms
44ms Script
application/x-javascript 2600:9000:2394:d000:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:d000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:14:00 GMT
content-encoding: gzip
via: 1.1 b3ca057e9cdd89c43806ec06db3b4046.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:07:44 GMT
server: nginx
x-amz-cf-pop: AMS1-P2
age: 18486
etag: W/"665fac50-11d74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cNkWJmLtktjzRCP_fe8-gn6GHacXOH54fA8J-MsmDSMNEyGZE4bOlg==
expires: Sat, 22 Jun 2024 16:14:00 GMT

GET
H2 200 ins.js Show response
newstraitstimesmalaysia.api.useinsider.com/ 469 KB
118 KB 185ms
91ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95dce4f3bae0c8c87a1d74cf0212a1f205535a05ec2ea9d6199e5e876861d753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qA2HFfjvvZjed0MY6N6KWKO30pbgIjE.
cf-cache-status: HIT
x-amz-request-id: HMS7Z7G7SH05Y3WH
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=LNuJN5MUaZTx7YvtrV80cmlsxNeRcKhR9vYEEQu0k_U-1719004926-1.0.1.1-BtkWx_rWHibSU2CIGE3NFRTIBWSpIPA3nx4alHDBqtpHOvPt3udi9_KVq8Rzn0bqr1.bx8fX.b7HHpMeLgSR5TTb9H0LU9LZzP9VUhd0TGoGKaXhv_L5_Gq5DB6S7KInuKNWq7jYUe1LRoz6INUdknSErHCQcsZhHt.XSBfee7N8sMFMIIB5yNUHqTRli6y4Stx4aZuYOw1ZFWCDvUFazP8bX1lX3UDJpgWGxpj4NyA; report-to cf-dsyhjfiumvayqous
content-encoding: br
x-amz-id-2: 5SrfDnPGWg1ByUKZvGEvnsSIN/zS9xgFfQ6oV6yjkEgZgue6sNiKyDbLi6VmseynDqWd3TST9Rk=
x-xss-protection: 1
pragma: public
last-modified: Fri, 21 Jun 2024 17:58:16 GMT
server: cloudflare
etag: W/"f655ac02bbcdbd88ba3f777e493c6f55"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=LNuJN5MUaZTx7YvtrV80cmlsxNeRcKhR9vYEEQu0k_U-1719004926-1.0.1.1-BtkWx_rWHibSU2CIGE3NFRTIBWSpIPA3nx4alHDBqtpHOvPt3udi9_KVq8Rzn0bqr1.bx8fX.b7HHpMeLgSR5TTb9H0LU9LZzP9VUhd0TGoGKaXhv_L5_Gq5DB6S7KInuKNWq7jYUe1LRoz6INUdknSErHCQcsZhHt.XSBfee7N8sMFMIIB5yNUHqTRli6y4Stx4aZuYOw1ZFWCDvUFazP8bX1lX3UDJpgWGxpj4NyA"}],"group":"cf-dsyhjfiumvayqous","max_age":86400}
cache-control: public, max-age=300
cf-ray: 89770d573e8771bf-FRA
expires: Fri, 21 Jun 2024 21:27:06 GMT

GET
H2 200 AGSKWxW-KA6Z4yXfVKE6ORL9-R76kRD862PlLN5qGUqZ8XSAHL6eyHVyuKCFzrZxsbZCb6Oc8aynrYTD7doTyTQkyyrMJnMSJllX1o0GpCqahCjve5AYVau4mt1yswzRjjFvEnlSMI53vg== Show response
fundingchoicesmessages.google.com/f/ 414 KB
63 KB 133ms
132ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-KA6Z4yXfVKE6ORL9-R76kRD862PlLN5qGUqZ8XSAHL6eyHVyuKCFzrZxsbZCb6Oc8aynrYTD7doTyTQkyyrMJnMSJllX1o0GpCqahCjve5AYVau4mt1yswzRjjFvEnlSMI53vg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5MDA0OTI2LDQ1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubnN0LmNvbS5teS9uZXdzL25zdC12aXJhbC8yMDI0LzA2LzEwNjU5MzIvbnN0dmlyYWwtcGFuaWMtbHJ0LXJpZGUtdGFrZXMtcGFzc2VuZ2Vycy10aHJvdWdoLWhlbGwiLG51bGwsW1s4LCJycXJrT3FMSk9RdyJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMw1SQPJiiWeO_cIkHjTM_KbQ70rlQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

416ccb23505242b188f4bcea831b440f0ef0c3fc27a8ae6ecf4d3a0d554ed706

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oBThbjzfF1onWq1rU24ctg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-oBThbjzfF1onWq1rU24ctg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLh-Hf3-mY2gQmTbvcwKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBla6hmYxhcYAAAB-Doh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 240 B
536 B 267ms
154ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nst.com.my&domain=nst.com.my&path=%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20cf718d9a2ed698f16c418e124eacc5b429bccb6984112c999380a28af455da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 183
x-served-by: cache-mxp6974-MXP
x-timer: S1719004927.647078,VS0,VE107
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 19 Jun 2024 21:22:06 GMT

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame AB15 0
0 0ms
0ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 20
accept-ranges: bytes
access-control-allow-origin: *
age: 49431
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Fri, 21 Jun 2024 21:22:06 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: WJ7HUWSXwQk7466uNAlUKnkvOaQ+POcvqF9iHiQx6M6a4TrwqSMJNOtgmd6o8plWeZEczvb4/r4=
x-amz-replication-status: COMPLETED
x-amz-request-id: AKPH57N3AWSG1NJ9
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 31687
x-served-by: cache-fra-etou8220101-FRA
x-timer: S1719004926.209655,VS0,VE0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 47ms
46ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=97598363&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&ul=de-de&de=UTF-8&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20ID&ea=Set%20Client%20ID&_u=aGBAgQAjAAAAACAEC~&jid=1452390909&gjid=1898042584&cid=272305809.1719004926&tid=UA-1357345-6&_gid=1483325558.1719004926&_slc=1&gtm=GTM-TF3NG6&cd16=nst-viral&cd18=1719004926161.wxzyf2fm&cd19=2024-06-21T23%3A22%3A06.161%2B02%3A00&cd20=article&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1062692843

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 153ms
49ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1357345-6&cid=272305809.1719004926&jid=1452390909&gjid=1898042584&_gid=1483325558.1719004926&npa=1&_u=aGBAgQAjAAAAAGAEC~&z=357240166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=97598363&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&ul=de-de&de=UTF-8&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20ID&ea=Set%20Client%20ID&_u=aGDAgQAjAAAAAGAEC~&jid=&gjid=&cid=272305809.1719004926&tid=UA-1357345-6&_gid=1483325558.1719004926&gtm=GTM-TF3NG6&cd16=nst-viral&cd18=1719004926177.3k4epgo&cd19=2024-06-21T23%3A22%3A06.177%2B02%3A00&cd20=article&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=140700712

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 05:41:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56459
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 85ms
82ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56l9s1dacx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240621T212206Z-17d856f5577q5r4r26wm4z31es00000004eg00000000ga6p
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 949203f2-601e-0050-0434-c2ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=676D2EFB63B54EA4A9DF95736393A46C&RedC=c.clarity.ms&MXFR=261FCEEF8CD46C00135FDA4A88D4620E
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=676D2EFB63B54EA4A9DF95736393A46C&MUID=1493AFAE0E966C2D2BAABB0B0F3A6D0D

42 B
443 B

56ms
56ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=676D2EFB63B54EA4A9DF95736393A46C&MUID=1493AFAE0E966C2D2BAABB0B0F3A6D0D
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
last-modified: Wed, 19 Jun 2024 18:40:50 GMT
server: Microsoft-IIS/10.0
etag: "2c9f213578c2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56CE84D66FB24AD6AE19A4C41B5F848E Ref B: FRA31EDGE0721 Ref C: 2024-06-21T21:22:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=676D2EFB63B54EA4A9DF95736393A46C&MUID=1493AFAE0E966C2D2BAABB0B0F3A6D0D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 366ms
117ms Image
image/gif 54.197.189.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nst.com.my&p=%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&u=B4186IBEZ6Y3C3C3Fs&d=nst.com.my&g=65124&g0=nst-viral&g1=najihah%20borhan&n=1&f=00001&c=0&x=0&m=0&y=2426&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&b=845&_s=%7B%22ga%22%3Anull%7D&t=C5QGA_DnOK_SDUUCZTD9FSovC413KJ&V=147&i=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&tz=-120&sn=1&sv=CgkmJMD_kusuB3u7SSBq90zTDXw-YX&sr=external&sd=1&im=0653044f&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.189.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-189-6.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 283031649327915 Show response
connect.facebook.net/signals/config/ 22 KB
3 KB 187ms
186ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/283031649327915?v=2.9.158&r=stable&domain=www.nst.com.my&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

20b3a4772cab89aae9425e1efa413919e210a013d0d147ddc1674cc2bc0929d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 21:22:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=27, mss=1232, tbw=9708, tp=15, tpl=0, uplat=146, ullat=0
pragma: public
x-fb-debug: aDGYO3zaagxlwD/Kg8gU+qZEl0pkARDEi0h0zMCkkoPFi1aTTGwgTEvm9ATBD2S2OnNSelwEXqpYGXp6c8iFPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 40ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=404165573531277&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&rl=&if=false&ts=1719004926540&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719004926324.964181709799176569&ler=empty&cdl=API_unavailable&it=1719004926018&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=3154, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 21:22:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 71ms
71ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=404165573531277&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&rl=&if=false&ts=1719004926540&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719004926324.964181709799176569&ler=empty&cdl=API_unavailable&it=1719004926018&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9c0f7f30afb3a068","source_keys":["1","2"]},{"key_piece":"0x889db1f822578778","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 21:22:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383069940635759405", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=6501, tp=-1, tpl=-1, uplat=28, ullat=0
pragma: no-cache
x-fb-debug: MOdZ/DlIV8JFXrTbf9TEU9TESiqlIEWH/oXeZhsMx1VMm7FpGnYqNV4FW0bSqnGrNa7o6UF/aBY/wTbpAT//JQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383069940635759405"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 78ms
77ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rqrkOqLJOQw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwcEmua66vAPOKRuHEyEQgw1Mc-DQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:22:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 21:22:06 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 40ms
40ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:44:27 GMT
x-content-type-options: nosniff
age: 283059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:44:27 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 41ms
40ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options: nosniff
age: 282503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:53:43 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 58ms
56ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:42:02 GMT
x-content-type-options: nosniff
age: 283204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:42:02 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 41ms
41ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options: nosniff
age: 282503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:53:43 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/845503338/ 3 KB
2 KB 55ms
55ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/845503338/?random=1719004926472&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=rqiqCNqRqtsCEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-845503338&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4328a2279d1a2c600ac13eae36d1750da1ffa698c3daa53b46eee43d8f4e2b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1752
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-81X23X7WB2&gtm=45je46j0v9103255710z871326797za200zb71326797&_p=1719004925732&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=272305809.1719004926&dbk=13219721623112967342&dma=1&dma_cps=sypham&en=page_view&gtm=45je46j0v9103255710z871326797za...

0
570 B

103ms
97ms

Ping
text/plain

2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=272305809.1719004926&dbk=13219721623112967342&dma=1&dma_cps=sypham&en=page_view&gtm=45je46j0v9103255710z871326797za200zb71326797&npa=1&tid=G-81X23X7WB2&dl=https%3A%2F%2Fwww.nst.com.my%3F
Protocol: H2
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0xbad7c5afb09198d9","source_keys":["1"]},{"key_piece":"0x605c096d23836a6d","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"13219721623112967342","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["845503338","665201186"],"5":["06-21","06-20","06-19"]}}
date: Fri, 21 Jun 2024 21:22:07 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=272305809.1719004926&dbk=13219721623112967342&dma=1&dma_cps=sypham&en=page_view&gtm=45je46j0v9103255710z871326797za200zb71326797&npa=1&tid=G-81X23X7WB2&dl=https%3A%2F%2Fwww.nst.com.my%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 501
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 49ms
49ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-81X23X7WB2&cid=272305809.1719004926&gtm=45je46j0v9103255710z871326797za200zb71326797&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81X23X7WB2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVYdKbtGcLCFtNunZm2OuQZ6aOR0ikA12ou2I-NzdXmpZlETmFq_9XQiz1wmMNFjFVCUU7sxC2acLiCyaZs0g3NI25ljvP1tGq0F8PeXAXFlC0zIXxIxzEWsMeKAB3PvMxb-LH7eQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 133ms
51ms XHR
text/html 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVYdKbtGcLCFtNunZm2OuQZ6aOR0ikA12ou2I-NzdXmpZlETmFq_9XQiz1wmMNFjFVCUU7sxC2acLiCyaZs0g3NI25ljvP1tGq0F8PeXAXFlC0zIXxIxzEWsMeKAB3PvMxb-LH7eQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VAN08S7IZfmHKD3RYOiaiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-VAN08S7IZfmHKD3RYOiaiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1pBiWMy_i8kpfQZrCBB_fnyO9TcQL4m4yHok8SKrEA_Hv7vXN7MJvHi9fT6zkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDO01DMwjy8wAABAdS4v"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVYdKbtGcLCFtNunZm2OuQZ6aOR0ikA12ou2I-NzdXmpZlETmFq_9XQiz1wmMNFjFVCUU7sxC2acLiCyaZs0g3NI25ljvP1tGq0F8PeXAXFlC0zIXxIxzEWsMeKAB3PvMxb-LH7eQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K8TI19MJi79FKNMuAb3m8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-K8TI19MJi79FKNMuAb3m8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hv7vXNbAIbTu-az6zkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDC31DMzjCwwAgwYsaA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
63ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-81X23X7WB2&cid=272305809.1719004926&gtm=45je46j0v9103255710z871326797za200zb71326797&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=154610019

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
39ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=97598363&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&ul=de-de&de=UTF-8&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiQAjBAAAAGAEC~&jid=&gjid=&cid=272305809.1719004926&tid=UA-1357345-6&_gid=1483325558.1719004926&gtm=GTM-TF3NG6&cd2=n%2Fa&cd4=not%20logged%20in&cd5=no&cd6=n%2Fa&cd7=editorial&cd8=Najihah%20Borhan&cd9=n%2Fa&cd11=n%2Fa&cd13=2024-06-20&cd14=12%3A41%3A23%2B08%3A00&cd15=315&cd16=nst-viral&cd17=272305809.1719004926&cd18=1719004926571.n5ha2go4&cd19=2024-06-21T23%3A22%3A06.571%2B02%3A00&cd20=article&cd30=n%2Fa&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd32=n%2Fa&cd33=passengers%2C%20panic%2C%20inferno%2C%20Chan%20Sow%20Lin%2C%20nstviral%2C%20LRT%20ride&cd35=272305809.1719004926&cm2=1&tcfd=10001&npa=1&z=1530445377

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 05:41:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56459
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _search Show response
mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/ 160 B
214 B 234ms
233ms XHR
application/json 34.87.4.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/_search?q=clientID:%22272305809.1719004926%22
Requested by: Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.4.87.34.bc.googleusercontent.com
Software: /
Resource Hash: 95041d5366989a0ed1304624d63355eb7483821b62893ce9315ee96802e213b4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: 9Dfa3jx6nFCQBXIMFMy6CeUlweKphVv8rNPMGtWH
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: ApiKey bFVOOUVvNEJ4N283OXQyZndCRTU6OFNOVE5uNGJTbDI2ZjVhX1dScVFhZw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: gzip
x-found-handling-instance: instance-0000000005
x-found-handling-cluster: 285432a8bd274cd2934b63e199a3ae11
vary: origin
x-elastic-product: Elasticsearch
access-control-allow-origin: https://www.nst.com.my
content-type: application/json
x-cloud-request-id: OEZg3ASWSSa0Bm94KbPnhA
content-length: 139

OPTIONS
H2 200 _search
mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/ Frame 0
0 232ms
232ms Preflight 34.87.4.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/_search?q=clientID:%22272305809.1719004926%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.4.87.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.nst.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: https://www.nst.com.my
access-control-max-age: 60
content-length: 0
date: Fri, 21 Jun 2024 21:22:06 GMT
vary: origin
x-cloud-request-id: mUVNGvOlRpKSuvkael6Mtw
x-found-handling-cluster: 285432a8bd274cd2934b63e199a3ae11
x-found-handling-instance: instance-0000000005

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 64ms
64ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:43:51 GMT
x-content-type-options: nosniff
age: 283095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:43:51 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
278 B 389ms
123ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.nst.com.my
Date: Fri, 21 Jun 2024 21:22:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 01viral291223sp_NSTfield_image_listing_featured_v2.var_1703849736.jpg
assets.nst.com.my/images/articles/ 27 KB
28 KB 76ms
75ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/01viral291223sp_NSTfield_image_listing_featured_v2.var_1703849736.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca8e40fe631f4f2f7ae06953c4c47c5c505bbe92cce8647185dd8722ce51a1a4

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 41700
cf-polished: qual=85, origFmt=jpeg, origSize=52198
x-guploader-uploadid: ABPtcPoDtbw6plyj8Jf1tun9-GlGUdvpSp3PFjnL_KJyvi2RrMsOtMK0c_3uyfAuog9aBWxEGf5wnyUjqw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="01viral291223sp_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27682
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 Dec 2023 11:35:36 GMT
server: cloudflare
etag: "45edd599dc04b5fd8d4e9c73507b9557"
vary: Accept
x-goog-generation: 1703849736945051
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=7jDvSA==, md5=Re3VmdwEtf2NTpxzUHuVVw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 52198
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d58fa17bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 z1503VIRdiner_NSTfield_image_listing_featured_v2.var_1710464419.jpg
assets.nst.com.my/images/articles/ 47 KB
48 KB 127ms
126ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/z1503VIRdiner_NSTfield_image_listing_featured_v2.var_1710464419.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8526bce51aeb0735d7a81de036966d243f2b62e07537a5ed3c403709bfe7ccc

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 41700
cf-polished: qual=85, origFmt=jpeg, origSize=59506
x-guploader-uploadid: ACJd0NqDSDvQGa_c74tNkEjyJMeWtzxUgJCwa8QTokQdz38rIDeMK5ZNrrEUU1OYSf4SsNs0uUhBwsZExA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="z1503VIRdiner_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 48242
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 15 Mar 2024 01:00:20 GMT
server: cloudflare
etag: "edae65cc67ec1ea83b1492c888b3ed40"
vary: Accept
x-goog-generation: 1710464419979643
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=68MEMQ==, md5=7a5lzGfsHqg7FJLIiLPtQA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 59506
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d58fa1abf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 z0604VIRcobra_NSTfield_image_listing_featured_v2.var_1712384934.jpg
assets.nst.com.my/images/articles/ 48 KB
49 KB 74ms
73ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/z0604VIRcobra_NSTfield_image_listing_featured_v2.var_1712384934.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57fc1990989e95cf781015b16e7246b20ff096b29ef6c1fae031d106db99d8f0

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 41700
cf-polished: qual=85, origFmt=jpeg, origSize=61076
x-guploader-uploadid: ABPtcPp-RmLp81jsu98KpHBJ6QInZTFtd4xxK2GyMY6qnuIUi9R3boBgrXBDYwtbYv_OXE_X1IPzd6nmfQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="z0604VIRcobra_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 49524
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 06 Apr 2024 06:28:54 GMT
server: cloudflare
etag: "23235e38b315e1b69bc2a9272a4b9903"
vary: Accept
x-goog-generation: 1712384934639089
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=upnx2g==, md5=IyNeOLMV4babwqknKkuZAw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 61076
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d58fa1bbf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 01viral080124sp_NSTfield_image_listing_featured_v2.var_1704709836.jpg
assets.nst.com.my/images/articles/ 65 KB
66 KB 76ms
76ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/01viral080124sp_NSTfield_image_listing_featured_v2.var_1704709836.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

371f25037ab0f1d4c238ac8326ef9f3bba56299786f1b3acbce35d9962cd876e

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 137162
cf-polished: qual=85, origFmt=jpeg, origSize=94518
x-guploader-uploadid: ACJd0No24N0l1W_SPhRt-XDG-JzfIvOQrHrpLyUsWXtxstDbyUjVnNpVkRnuyvnWl4l3nHTpk2U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="01viral080124sp_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 66744
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Mon, 08 Jan 2024 10:30:36 GMT
server: cloudflare
etag: "8ee63c9435fc476422517892ec97e6b9"
vary: Accept
x-goog-generation: 1704709836449199
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=t6D2oQ==, md5=juY8lDX8R2QiUXiS7JfmuQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 94518
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d58fa1dbf2a-WAW
expires: Fri, 21 Jun 2024 22:22:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 40ms
40ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=283031649327915&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&rl=&if=false&ts=1719004926875&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719004926324.964181709799176569&ler=empty&cdl=API_unavailable&it=1719004926018&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4378, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 21:22:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
199 B 274ms
274ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=283031649327915&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&rl=&if=false&ts=1719004926875&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719004926324.964181709799176569&ler=empty&cdl=API_unavailable&it=1719004926018&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa99eeec54f8d24bd","source_keys":["1","2"]},{"key_piece":"0x48e7c406537e88e0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 21:22:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383069939216988129", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4746, tp=13, tpl=0, uplat=232, ullat=0
pragma: no-cache
x-fb-debug: CtdMa8D8jlr5/i2Iq8HW3SrJAFHXHPTtMGB9QKaQ3OnDvXnyIfBSUEBcnnSS7OtzZ5g2bjyhCBeDnZvcTwPHMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383069939216988129"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/845503338/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13...
https://www.google.com/pagead/1p-conversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=syph...
https://www.google.de/pagead/1p-conversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=sypha...

42 B
64 B

66ms
66ms

Image
image/gif

142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=rqiqCNqRqtsCEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&value=0&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI39easNDthgMVPUYdCR3JcA2JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLem0dLimIRgX87I91QHEZuupK_OO502h6wCKTUQMM0OnvilhY&eitems=ChEI8MnUswYQlbq9t-fAoJPaARIdAGZsmNix-EH40SbvQi-VCbeu6LBQWAvorTzTnlI&random=1295595439&ipr=y

Protocol

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/845503338/?random=901572646&cv=11&fst=1719004926472&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896z871326797za201zb71326797&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=rqiqCNqRqtsCEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&value=0&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI39easNDthgMVPUYdCR3JcA2JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLem0dLimIRgX87I91QHEZuupK_OO502h6wCKTUQMM0OnvilhY&eitems=ChEI8MnUswYQlbq9t-fAoJPaARIdAGZsmNix-EH40SbvQi-VCbeu6LBQWAvorTzTnlI&random=1295595439&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 119ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 1947
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-etou8220128-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1719004927.990690,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 12
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 5101

POST
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
128 B 83ms
42ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi48=-48&tvi50=10882&tim=23%3A22%3A06.891&id=89362&cv=20240613-38-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.nst.com.my
date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42947

POST
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
128 B 82ms
42ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi48=-48&tvi50=10882&tim=23%3A22%3A06.891&id=5261&cv=20240613-38-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.nst.com.my
date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42947

GET
H2 200 tb Show response
15.taboola.com/ 30 KB
9 KB 95ms
75ms XHR
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=revmediagroup-newstraitstimes&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&encoded=1&uid=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&variant=-100|1786178300&callback=TRC.videoTagCallbacks.videoCallback1&cb=1719004926905&tagid=&cntry=DE&platform=1&sesid=1e49ba840d6cb0986aa9edfdd6e1420a&itemid=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&viewid=1719004926116&geolat=&geoing=&deviceifa=&appid=&sd=&ri=1db7ce03e7af83d544fab3b9d84d2247&appname=&cdb=&gdprApplies=true&rid=&sii=7010283772481944289&oee=true&tpubid=1557746&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=NW&hasGDPRConsent=true&tcfVersion=2&cmpStatus=&tnetid=1557741&prcnt=&layer=&normp=1&gvv=10882&gvv50=10882&gvv61=&gvv62=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d77a5d2bf592ed849de44c149dd6cffbfcd2f41b4fd126142f3b2a4605744278

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 21 Jun 2024 21:22:06 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 340102
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra-etou8220159-FRA
pragma: no-cache
server: nginx
x-timer: S1719004927.945459,VS0,VE34
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 39ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8d376e82a994285cc5382ac74d502fa36b999572b352c1a5438026e18a50f79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6JOgJZhx3e8nEF0nJmFGjqQzLmAYXK1f
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: G1ZEEMA59ZDQZ2T2
age: 452799
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: l1+SXHq6JzJFgacutWfzBWkle7KMGeNXib9oPeQNNM18NBCKVAyJgKNAiknqCH+wlKxzG/T1Yxw=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:35:27 GMT
server: AmazonS3
x-timer: S1719004927.924959,VS0,VE0
etag: "5dd3a1ae5bc39d13b91ae9aa6ce722e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 195519

GET
H2 200 userx.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 40ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90e901fbbc352c09a20013f5e984159ab7373e9695dcc4d3569a589c99a6c67b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vL_AhsJjBOIAbK8gFq.SKXkELi7wPbif
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: 08QGVFPK3YBSQPHV
age: 452784
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5569
x-amz-id-2: mPBo4CBDJdwYDauTi3AoWl1Z4u++Un5lEfWJ0nvEc+TRUnIzrYGzuqnNtfrtzkqVs1tfKzQqvMU=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:35:40 GMT
server: AmazonS3
x-timer: S1719004927.938375,VS0,VE0
etag: "b9ce91d75849200246dd4e54518e95cf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 43122

GET
H2 200 distance-from-article.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 40ms
40ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2ef79fd7b05000bfb5c0175224fbd3a5428baccc438a8eddef4a52745751b3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: EC714fikN3v0l9s7LAnvBpGVAogWbDA3
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: SYVPV168PFE36XKC
age: 452793
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1525
x-amz-id-2: BASw/zEilvkAsi1hMfPY5Oz51z5OjFf9brbIJ2MWUReG8nw0q4kfEjC7nQwxOFBVGWRTBqdeh1I=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:35:34 GMT
server: AmazonS3
x-timer: S1719004927.938799,VS0,VE0
etag: "3fb9591bf811a47bee97415d58da0084"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 195733

GET
H2 200 article-detection.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 40ms
40ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a27b51f0f695fb3a45828855e1c3699fbbbd6f2423c6be13380649dc2d46b052

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: bb_NZWLCV.RQb9_b.gbL20RN5D5XI4o3
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: B5Q14WBY356323ET
age: 452779
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1293
x-amz-id-2: kiiZK2tftbt5lhODMuSpwk1qlclf08oRwEV2pOpQ5viS1z4vL5MnQWKz6O3WZqbNb9iEamJpREJfBI5bQq6Ccg==
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:35:44 GMT
server: AmazonS3
x-timer: S1719004927.939497,VS0,VE0
etag: "d22885dc7dce1cba314b29811d833fa0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 27
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 195532

GET
H2 200 explore-more.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 43ms
42ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e37e0394ab43e6c9290de01c8b0ebdad8aab18230215211e6d84129de22f3bac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 651BhjOqmf2gwoLG0a42VQOMyxvXTqCB
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:06 GMT
x-amz-request-id: AN5SYKA429H858BF
age: 452794
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7619
x-amz-id-2: d0317HVnIssi8wNLE4z085vydQBITok2CXCVH8hZlP+2sTtEIuq24lrXBdOi7qrldYyjQqzrCGg=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:35:29 GMT
server: AmazonS3
x-timer: S1719004927.955276,VS0,VE0
etag: "c1e24ab2f2170a2db2d9d94b21d49f01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 108404

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.907&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10876279%3APUBLISHED%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=5509&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42947

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.911&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=3411&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42947

GET
H2 204 abtests
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 44ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/abtests?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1719004926912%7D&tim=23%3A22%3A06.912&id=4669&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 46ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.919&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=2271&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42603

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 44ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.921&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10876279%3APUBLISHED%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=7160&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42603

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.921&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=8881&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42273

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.924&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=7818&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42273

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.925&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=1227&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42273

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.927&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=3&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42218

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.929&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=2110&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42218

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.931&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=126&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42177

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.932&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=8008&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42177

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.934&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=9990&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42177

GET
H2 204 supply-feature
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/supply-feature?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A22%3A06.935&id=559&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.936&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10873142%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=7489&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42100

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.937&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=5180&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42100

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.942&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=1977&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42100

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.955&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=7677&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42100

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.957&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=718&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42100

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.957&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10873142%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=9570&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42071

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.959&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=1122&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42071

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.960&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=2750&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42067

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 44ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.962&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=2487&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42224

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 45ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.964&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=8800&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42224

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 45ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.966&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=4024&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42224

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.967&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=4859&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42168

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.968&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=8975&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42168

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.970&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=6865&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42315

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 44ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.971&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=107&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42323

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 44ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A06.972&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=7994&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42323

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 40ms
40ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:07 GMT
x-amz-request-id: MG9Q0Y7QHRMZ46VV
age: 107
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: lb6E0SgvaNGEosGJyrgapzFR3ul/7Cgz6prQq3aJFC7FcLs31EkgK1NjykIt0lknCpqLMFyqyDc=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1719004927.013756,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 81
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 41

POST
H2 204 metrics
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
246 B 42ms
42ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.nst.com.my
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 abtests
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
246 B 42ms
42ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/abtests?route=AM%3AAM%3AV&lti=trecs&tvi48=-48&tvi50=10882&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&tim=23%3A22%3A06.895&id=10023&llvl=2&cv=20240613-38-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1719004926895%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.nst.com.my
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 44ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.060&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=6121&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42323

GET
H3 200 NST%20Cover%20Image%20HUAWEI%20%281%29.png
assets.nst.com.my/images/articles/ 496 KB
497 KB 74ms
73ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/NST%20Cover%20Image%20HUAWEI%20%281%29.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8c7a8a4c559e6a625f67f105b7f226973b5810861e1c1d985325b3c06c9ac7

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 48357
cf-polished: origFmt=png, origSize=796539
x-guploader-uploadid: ABPtcPqY3Yyd4OFreAryy5ZaB4xXHyLU99igS4G2EvCH0IEcIZbz6qtkZYCPMOLR0138qtMAvyY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="NST%20Cover%20Image%20HUAWEI%20%281%29.webp"
alt-svc: h3=":443"; ma=86400
content-length: 508404
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Jun 2024 09:33:10 GMT
server: cloudflare
etag: "67f3bb1b5b2e6b1309c3375b93f0f55f"
vary: Accept
x-goog-generation: 1717579990469803
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=9eusrw==, md5=Z/O7G1suaxMJwzdbk/D1Xw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 796539
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5a4bcabf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 cover%20image%20%20%281%29_0.png
assets.nst.com.my/images/articles/ 182 KB
183 KB 121ms
118ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/cover%20image%20%20%281%29_0.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5759f74c25aed3e193c0e79d7899158dfb65b5e64164361ad0cb2c09f23db29a

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 30614
cf-polished: origFmt=png, origSize=346352
x-guploader-uploadid: ABPtcPrSJVamNxW_OnDpRDXIru4gS43BgfTtJJOblGy4uKz0YciyGyBvY7HnyrSplNm7JdC0gp8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="cover%20image%20%20%281%29_0.webp"
alt-svc: h3=":443"; ma=86400
content-length: 186740
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 May 2024 00:35:35 GMT
server: cloudflare
etag: "882de0779cbce7a8de52734c3733856f"
vary: Accept
x-goog-generation: 1716597335334462
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=RxCdTw==, md5=iC3gd5y856jeUnNMNzOFbw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 346352
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5a4bd2bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 17nt12nanta2_1715901009.jpg
assets.nst.com.my/images/articles/ 39 KB
40 KB 121ms
119ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/17nt12nanta2_1715901009.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28afc3a84532810f5907ffb4b3565ff46fa2b7ff20d5af6efb2f46d075c652e5

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 46956
cf-polished: qual=85, origFmt=jpeg, origSize=63382
x-guploader-uploadid: ABPtcPqg-GeTj2JmBEVK3rSlZ4fQO4ppuwLQWok94EDDv8l2fyTGBhOceb6r-dl18yWzKRD7r2qpJ4bBzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="17nt12nanta2_1715901009.webp"
alt-svc: h3=":443"; ma=86400
content-length: 39796
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 May 2024 23:10:09 GMT
server: cloudflare
etag: "f4bf0da842d2035bb6f571f35c299eb2"
vary: Accept
x-goog-generation: 1715901009543085
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=QjIv6A==, md5=9L8NqELSA1u29XHzXCmesg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 63382
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5a4bd5bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 18ntStevenSim_1718768449.jpg
assets.nst.com.my/images/articles/ 70 KB
71 KB 167ms
165ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/18ntStevenSim_1718768449.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97cbca421d56ec20af20d2aff7f4395d7253604196698153c4fcfc27220702c

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 236120
cf-polished: qual=85, origFmt=jpeg, origSize=96132
x-guploader-uploadid: ACJd0NqFS823Jq7H8GVV4hawfOGLmolXyysVqZr5csIJ3rQ14B9-a6qWx9ImAd-IPX8zb3IiAPmYGNg_Jg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="18ntStevenSim_1718768449.webp"
alt-svc: h3=":443"; ma=86400
content-length: 71806
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Jun 2024 03:40:49 GMT
server: cloudflare
etag: "34eb1e599675fa7a77049b70c9161aa4"
vary: Accept
x-goog-generation: 1718768449774979
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=6haIhw==, md5=NOseWZZ1+np3BJtwyRYapA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 96132
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5a4bd6bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 10nt09liza_1715293824.jpg
assets.nst.com.my/images/articles/ 139 KB
139 KB 354ms
352ms Image
image/jpeg 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/10nt09liza_1715293824.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c023cfab099cb5223a5943d6f711858b4c8a598291b42a9f97f163af2a91d9d3

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
cf-polished: degrade=85, origSize=158490, status=webp_bigger
x-guploader-uploadid: ABPtcPpsQzMzZuwYBAw4UI-5O-ovhqUCO8TCyMd7S53N9pGWAVdzXDt51CbI-_5ohlBtwlIHAZE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 142150
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 May 2024 22:30:24 GMT
server: cloudflare
etag: "c8152e24c8e5569e5a631fffcc8c09c7"
vary: Accept-Encoding
x-goog-generation: 1715293824146185
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=LYiNNA==, md5=yBUuJMjlVp5aYx//zIwJxw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 158490
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5a4bd7bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 44ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.068&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=396&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42323

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 45ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.070&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=6375&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42323

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 44ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.072&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=7078&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42669

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 45ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.074&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=2590&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42480

POST
H2 204 pubs-generic
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
246 B 43ms
41ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/pubs-generic?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&d=%7B%22data%22%3A%22%7B%7D%22%2C%22type%22%3A%22recReel-available%22%2C%22eventTime%22%3A1719004927077%7D&tim=23%3A22%3A07.077&id=1299&llvl=2&ri=f2dfb1d5d559de9db66a7a7d0b22584b&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.nst.com.my
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 45ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.083&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=196&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42480

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 46ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.084&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=6550&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42480

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 46ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.085&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=9560&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42480

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 46ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.085&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=1781&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42480

GET
H2 204 debug
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/ 0
89 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/2/debug?tim=23%3A22%3A07.086&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=7938&cv=20240613-38-RELEASE&lt=trecs&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42435

GET
H2 200 221655ce032044f5ae2f7f6de9ec5bdb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 41ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ff58d0a1ca3136c8dd4c643f5a3df4bca6d0941b6a1e610c80924323fa346da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
age: 3759363
edge-cache-tag: 494366385138543953060662240160626996212,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 494366385138543953060662240160626996212,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-envoy-upstream-service-time: 32
expiration: expiry-date="Mon, 13 May 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://stpauli24.mopo.de/
fastly-restarts: 1
content-length: 7326
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kiad7000163-IAD, cache-fra-etou8220159-FRA
last-modified: Fri, 12 Apr 2024 21:03:33 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=8778,owidth=1200,oheight=675,obytes=381043,ef=(1,13,17,23,30)
x-timer: S1719004927.126375,VS0,VE1
etag: "6484e218bb92a3b53d499e402ecc6220"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 49a00e44616cab58a2178f1066dcb891.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 49ms
46ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a00e44616cab58a2178f1066dcb891.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 66795560d3f49f2a89e296eaaa8c79d25581dad4531611683207409973ae70c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 4
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a00e44616cab58a2178f1066dcb891.jpg
age: 900171
edge-cache-tag: 350770705811172851945491367502504963601,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 350770705811172851945491367502504963601,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 574
req-referer: https://www.unsere-helden.com/
content-length: 9152
x-request-id: 02625456b38597f444debe0378f4ad4c
x-served-by: cache-iad-kjyo7100163-IAD, cache-iad-kiad7000124-IAD, cache-bur-kbur8200045-BUR, cache-iad-kiad7000132-IAD, cache-fra-etou8220159-FRA
last-modified: Mon, 10 Jun 2024 20:05:44 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=17953,owidth=1920,oheight=1080,obytes=1181862,ef=(1,13,17,23,30)
x-timer: S1719004927.170103,VS0,VE4
etag: "762d35deab6618c8e2188b65551ff10c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 c169e09da8dffac4916b00c0fee587e5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 44ms
44ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c169e09da8dffac4916b00c0fee587e5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ab6663c7bff04184721347a81cc38748e173b12f44737270331a8d5930cb8f06

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c169e09da8dffac4916b00c0fee587e5.jpg
age: 2130500
edge-cache-tag: 310165035180675793021928839638344283296,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310165035180675793021928839638344283296,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 51
expiration: expiry-date="Sun, 02 Jun 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lokalkompass.de/
fastly-restarts: 1
content-length: 7784
x-served-by: cache-iad-kjyo7100113-IAD, cache-iad-kcgs7200128-IAD, cache-lga21967-LGA, cache-fra-etou8220159-FRA
last-modified: Thu, 02 May 2024 00:04:32 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=10221,owidth=1000,oheight=600,obytes=93020,ef=(1,13,17,23,30)
x-timer: S1719004927.173915,VS0,VE1
etag: "d55fa88edb54771915d52002609fbaee"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 0

GET
H2 200 1b12c593a64860767bddf357de5c6ca3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 43ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b12c593a64860767bddf357de5c6ca3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c170c9ea93e182c54e85defd549ca6c05c371ef7c47880911eaf8f5e75054e25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b12c593a64860767bddf357de5c6ca3.jpg
age: 34249
edge-cache-tag: 475844375202923296797780500916045538167,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 475844375202923296797780500916045538167,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 439
req-referer: https://variety.com/
content-length: 15778
x-request-id: 391d2ac03caf1dfc413d78f508e82e10
x-served-by: cache-iad-kiad7000038-IAD, cache-iad-kiad7000038-IAD, cache-bur-kbur8200084-BUR, cache-iad-kcgs7200023-IAD, cache-fra-etou8220159-FRA
x-orig-request-id: 15087b17962dbc69c1236de16330e3a1
last-modified: Fri, 21 Jun 2024 11:13:35 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=29615,owidth=1200,oheight=675,obytes=384227,ef=(1,13,17,23,30)
x-timer: S1719004927.220082,VS0,VE1
etag: "26979dd67e8fac7d1291095be25172d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 34f47cb903a8df3192618e3dd0de365d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 43ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34f47cb903a8df3192618e3dd0de365d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24df275e07f79829e1a69afdfbf5453ace864534578837e1fa237d76d7c4753d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34f47cb903a8df3192618e3dd0de365d.jpg
age: 4560273
edge-cache-tag: 401194571202037701432577424229878662289,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 401194571202037701432577424229878662289,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 329
req-referer: https://variety.com/
content-length: 13516
x-request-id: f642bd63f02c70ec6b2f64fa8ccc3ae2
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kcgs7200094-IAD, cache-lga21929-LGA, cache-iad-kjyo7100060-IAD, cache-fra-etou8220159-FRA
last-modified: Thu, 29 Feb 2024 16:12:35 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=20456,owidth=1200,oheight=675,obytes=151473,ef=(1,13,17,23,30)
x-timer: S1719004927.220188,VS0,VE0
etag: "c7844beda927b1dfa3f7ea3d280b486c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
H2 200 de1fcb8e8184aa1949e144735f1bed1b.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1344%2Cx_0%2Cy_39/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 42ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1344%2Cx_0%2Cy_39/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de1fcb8e8184aa1949e144735f1bed1b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef656f7451def5d394d2784e70de4774c09af329574bb5be4ddb7eeb1ac6ff6c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1344%2Cx_0%2Cy_39/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de1fcb8e8184aa1949e144735f1bed1b.png
age: 2213241
edge-cache-tag: 621321138794329006462785856759759204455,490846216758000206110702442916452216638,29ecf9b93bbf306179626feeda1fab70
cache-tag: 621321138794329006462785856759759204455,490846216758000206110702442916452216638,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 18
expiration: expiry-date="Fri, 08 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dl.gmx.net/
content-length: 4508
x-served-by: cache-iad-kcgs7200163-IAD, cache-iad-kiad7000136-IAD, cache-lax-kwhp1940092-LAX, cache-iad-kjyo7100020-IAD, cache-fra-etou8220159-FRA
last-modified: Tue, 06 Feb 2024 13:31:27 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=6062,owidth=1344,oheight=896,obytes=1939229,ef=(1,13,17,23,30)
x-timer: S1719004927.267045,VS0,VE1
etag: "bbc557e22df5317acdcafdcd2804f150"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 0

GET
H2 200 02c065e4201b9b369e34f4ead934c309.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_11/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 43ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_11/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c065e4201b9b369e34f4ead934c309.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 17162d49ee44bcc3d66d3ae380e017f5cc229493aa849453d983183c74fb0680

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_11/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c065e4201b9b369e34f4ead934c309.jpg
age: 962249
edge-cache-tag: 301186196121031063010811067903516874027,613086814954088697107889346913466001545,29ecf9b93bbf306179626feeda1fab70
cache-tag: 301186196121031063010811067903516874027,613086814954088697107889346913466001545,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 363
req-referer: https://dl.gmx.net/
content-length: 8554
x-request-id: 2e71ba5ef3812b50a140d083630e831a
x-served-by: cache-iad-kcgs7200070-IAD, cache-iad-kjyo7100153-IAD, cache-iad-kjyo7100162-IAD, cache-fra-etou8220159-FRA
last-modified: Tue, 30 Apr 2024 09:43:12 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=13579,owidth=1000,oheight=600,obytes=255634,ef=(1,13,17,23,30)
x-timer: S1719004927.266989,VS0,VE1
etag: "9c0f653e9f3961721fd5b783b7bcdac1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0

GET
H2 200 3d2dedeb5580d29f5bdb183768bf3db7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 42ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d2dedeb5580d29f5bdb183768bf3db7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc1cbbea1c81b64091090366bdc01c4766c81a34f96c258bbfde112674cb1354

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d2dedeb5580d29f5bdb183768bf3db7.png
age: 2346479
edge-cache-tag: 460107995788955158908202469206672941411,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460107995788955158908202469206672941411,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 379
req-referer: https://www.krone.at/
content-length: 12454
x-request-id: 698156aaa76926a003be023e5f64150a
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kcgs7200172-IAD, cache-lax-kwhp1940095-LAX, cache-iad-kcgs7200175-IAD, cache-fra-etou8220159-FRA
last-modified: Fri, 12 Jan 2024 17:44:13 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=16108,owidth=1200,oheight=800,obytes=1668997,ef=(1,13,17,23,30)
x-timer: S1719004927.307622,VS0,VE1
etag: "5e62bacf488004d709ad31580475736c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 0c39a4b0b8af99230b5772a87ad79168.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 44ms
42ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0c39a4b0b8af99230b5772a87ad79168.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95a3996914459858c0809a519a69adf1c0b08b6fd79bdff4cf3a3dc2434ad335

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0c39a4b0b8af99230b5772a87ad79168.jpg
age: 2057899
edge-cache-tag: 384046819964366238620002347513433637666,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384046819964366238620002347513433637666,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 39
req-referer: https://www.kicker.de/
content-length: 3332
x-request-id: b2e6fe068a2931a48de103f4817ca7dc
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kiad7000082-IAD, cache-iad-kjyo7100149-IAD, cache-fra-etou8220159-FRA
last-modified: Thu, 14 Sep 2023 19:36:03 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=5174,owidth=855,oheight=573,obytes=44600
x-timer: S1719004927.312941,VS0,VE1
etag: "53b025bb1ffbb85189a99155562ffd8d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 0

GET
H2 200 1408229371__EezIBs3F.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1928%2Cx_96%2Cy_264/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/... 7 KB
8 KB 45ms
44ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1928%2Cx_96%2Cy_264/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1408229371__EezIBs3F.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0560772a745172f82640079373826cd6acf25980519848de400ccb3359da20c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1928%2Cx_96%2Cy_264/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1408229371__EezIBs3F.jpg
age: 1414788
edge-cache-tag: 486683553736198209957674247014814470688,464018085027286602903325450355951300564,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486683553736198209957674247014814470688,464018085027286602903325450355951300564,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 765
req-referer: https://dl.web.de/
content-length: 6826
x-request-id: d51156c97dfbfaf0bf14bb2d43ff678b
x-served-by: cache-iad-kiad7000171-IAD, cache-iad-kjyo7100030-IAD, cache-ewr18160-EWR, cache-iad-kiad7000171-IAD, cache-fra-etou8220159-FRA
last-modified: Tue, 04 Jun 2024 19:15:43 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=8464,owidth=2121,oheight=1414,obytes=1065536,ef=(1,13,17,23,30)
x-timer: S1719004927.313394,VS0,VE1
etag: "af152e97cfbcf6c692b96306e72e563c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 f5f76471bcec980d351b5595e54a5aed.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_37/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 43ms
42ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_37/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5f76471bcec980d351b5595e54a5aed.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5236d4fd7724371f395de35bdc8e51d46f8bb37da4c0a177b4cf096901811ac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_37/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5f76471bcec980d351b5595e54a5aed.png
age: 374024
edge-cache-tag: 356120155214528323411455428548689134790,347737373900171140551620461094582248200,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356120155214528323411455428548689134790,347737373900171140551620461094582248200,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 506
req-referer: https://www.sport1.de/news/fussball/em/2024/06/em-2024-kroos-macht-verletzungs-gestandnis
content-length: 9108
x-request-id: 7a58199a0b75874ce235f248ff3bda31
x-served-by: cache-iad-kiad7000129-IAD, cache-iad-kiad7000129-IAD, cache-ewr18161-EWR, cache-iad-kcgs7200070-IAD, cache-fra-etou8220159-FRA
x-orig-request-id: b9d765ced4df96b59cf8efadd6600b1c
last-modified: Mon, 17 Jun 2024 12:51:27 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=15176,owidth=1000,oheight=600,obytes=1119770,ef=(1,13,17,23,30)
x-timer: S1719004927.313248,VS0,VE1
etag: "a32aeac41e019751ee8595eaf3a96fe0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 f23d7438ebf93814b90446dd1f124112.jpeg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1116%2Cx_22%2Cy_0/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 43ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1116%2Cx_22%2Cy_0/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f23d7438ebf93814b90446dd1f124112.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30bf806524022ea71d9a9fc524b7b572f38b97a27613e17542031a74f62644fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1116%2Cx_22%2Cy_0/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f23d7438ebf93814b90446dd1f124112.jpeg
age: 2345948
edge-cache-tag: 436856578952603683077908782542781900734,545181647489206698269372048536122559267,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436856578952603683077908782542781900734,545181647489206698269372048536122559267,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 331
req-referer: https://www.unnuetzes.com/
content-length: 6840
x-request-id: c4e1d4eab32a18e12dfea5e7e94bc3ba
x-served-by: cache-iad-kjyo7100123-IAD, cache-iad-kiad7000129-IAD, cache-lga21931-LGA, cache-iad-kiad7000175-IAD, cache-fra-etou8220159-FRA
last-modified: Wed, 15 May 2024 13:17:11 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=11785,owidth=1200,oheight=628,obytes=159498,ef=(1,13,17,23,30)
x-timer: S1719004927.313281,VS0,VE1
etag: "f001d591e429b5932c092547087e1ed5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 d746ceb9-2c79-48ff-b452-8fdf26e03e72__Jt9f0dFx.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/ 7 KB
8 KB 45ms
44ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/d746ceb9-2c79-48ff-b452-8fdf26e03e72__Jt9f0dFx.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b9d3aaf65468f0f2f8f9f20835ce829e7c7c3d3d7c500ba3d381a0d9ff3bfca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/d746ceb9-2c79-48ff-b452-8fdf26e03e72__Jt9f0dFx.jpg
age: 1844650
edge-cache-tag: 577383101218444607830083008469862066611,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 577383101218444607830083008469862066611,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 351
req-referer: https://www.theweathernetwork.com/
content-length: 7226
x-request-id: f1750a09a68979de4d21f81e6705c99d
x-served-by: cache-iad-kiad7000135-IAD, cache-iad-kiad7000048-IAD, cache-bur-kbur8200079-BUR, cache-iad-kjyo7100100-IAD, cache-fra-etou8220159-FRA
last-modified: Fri, 31 May 2024 09:32:07 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=12145,owidth=1333,oheight=750,obytes=353298,ef=(1,13,17,23,30)
x-timer: S1719004927.313489,VS0,VE1
etag: "61f5c0bfa4b8fbf71964ee73351ec5c7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 1cebfad62e42d121c38cf515afc20b72.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 40ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cebfad62e42d121c38cf515afc20b72.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a96845ced1367c129411e6a870126f316702a8b8a31e7162a4a47355b3264a2f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cebfad62e42d121c38cf515afc20b72.png
age: 1215734
edge-cache-tag: 619151401227437030386404073562298358090,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 619151401227437030386404073562298358090,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 48
req-referer: https://www.skai.gr/
content-length: 11124
x-request-id: 8a0542db4833a982d13036fd43df34e8
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100065-IAD, cache-lga21926-LGA, cache-iad-kcgs7200029-IAD, cache-fra-etou8220159-FRA
last-modified: Wed, 31 Jan 2024 14:36:04 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=17994,owidth=1067,oheight=600,obytes=1020510,ef=(1,13,17,23,30)
x-timer: S1719004927.349810,VS0,VE1
etag: "7dfb4d1327a1d7e9daa01dd28e6ad570"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 8, 0

GET
H2 200 48531d7a-41a7-4586-b44c-6fa31446a255__t75wqBGL.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1344%2Cx_0%2Cy_0/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION... 6 KB
7 KB 48ms
45ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1344%2Cx_0%2Cy_0/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/48531d7a-41a7-4586-b44c-6fa31446a255__t75wqBGL.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6717a0d63fb9f05b2ec8d7b64c40ccf92769f2ee940b17b7691b1a2741f12db8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1344%2Cx_0%2Cy_0/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/48531d7a-41a7-4586-b44c-6fa31446a255__t75wqBGL.jpg
age: 389486
edge-cache-tag: 437074984196429959829161826647263379957,470835588405733475393238284874777635051,29ecf9b93bbf306179626feeda1fab70
cache-tag: 437074984196429959829161826647263379957,470835588405733475393238284874777635051,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 364
req-referer: https://dl.gmx.net/
content-length: 6120
x-request-id: 4dd2f0484e0f20e0ed0277b3cedf435d
x-served-by: cache-iad-kjyo7100128-IAD, cache-iad-kcgs7200158-IAD, cache-bur-kbur8200030-BUR, cache-iad-kcgs7200044-IAD, cache-fra-etou8220159-FRA
last-modified: Thu, 23 May 2024 09:00:35 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=7964,owidth=1344,oheight=768,obytes=150863,ef=(1,13,17,23,30)
x-timer: S1719004927.359383,VS0,VE1
etag: "cbadfe34491f1915854b5b031ce7a5e5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 460635c93b4697a127cea8a16306f72c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 41ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/460635c93b4697a127cea8a16306f72c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39ad9e93ddba662a98a80d5bede81ff874fcad990ab38d3c47f00c0254787c52

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/460635c93b4697a127cea8a16306f72c.png
age: 95934
edge-cache-tag: 363964238170897171755361884948468772735,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 363964238170897171755361884948468772735,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 655
req-referer: https://www.nst.com.my/
content-length: 6370
x-request-id: b4eb6e756f3f89e132e3c7970eef307d
x-served-by: cache-iad-kjyo7100030-IAD, cache-iad-kiad7000147-IAD, cache-lga21957-LGA, cache-iad-kiad7000099-IAD, cache-fra-etou8220159-FRA
last-modified: Fri, 31 May 2024 09:10:53 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=8934,owidth=1200,oheight=800,obytes=1225944,ef=(1,13,17,23,30)
x-timer: S1719004927.359369,VS0,VE1
etag: "6a923a94798deae45c9d7272a2b9374f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 b43786930fe02d1fb05defa1b0e191f2.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 48ms
47ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b43786930fe02d1fb05defa1b0e191f2.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01223667ba7790734d38e4ad097ff53875bb15d25f021721fe361553a365a0bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b43786930fe02d1fb05defa1b0e191f2.jpeg
age: 1699701
edge-cache-tag: 345570655284746550747596462500596749373,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 345570655284746550747596462500596749373,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-envoy-upstream-service-time: 61
expiration: expiry-date="Sat, 11 May 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://hsv24.mopo.de/
fastly-restarts: 1
content-length: 9592
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kiad7000075-IAD, cache-fra-etou8220159-FRA
last-modified: Wed, 10 Apr 2024 12:32:58 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=20613,owidth=1200,oheight=628,obytes=259923,ef=(1,13,17,23,30)
x-timer: S1719004927.359508,VS0,VE1
etag: "3be3f7718e9993237c65f592e63f6f6f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 d98cbd12e491dc71c99e1033e448e484.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_33/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 47ms
46ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_33/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d98cbd12e491dc71c99e1033e448e484.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c9aff5b52742803a1a46ddc9f332dc79d7bf3429f32d184f929d809d032d6e1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_33/c_fill%2Cw_240%2Ch_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d98cbd12e491dc71c99e1033e448e484.png
age: 869972
edge-cache-tag: 528205373070996970518681305553316432509,345382819396679186330900157108965151750,29ecf9b93bbf306179626feeda1fab70
cache-tag: 528205373070996970518681305553316432509,345382819396679186330900157108965151750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 304
req-referer: https://dl.gmx.net/
content-length: 4832
x-request-id: f9acca04387055058e469418c4628c14
x-served-by: cache-iad-kiad7000148-IAD, cache-iad-kjyo7100062-IAD, cache-lga21961-LGA, cache-iad-kiad7000166-IAD, cache-fra-etou8220159-FRA
last-modified: Thu, 16 May 2024 14:40:05 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=6661,owidth=1200,oheight=800,obytes=1440924,ef=(1,13,17,23,30)
x-timer: S1719004927.359502,VS0,VE1
etag: "d70194df3c1266f65bf21acda0b9bf10"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 62103152ac597d9e67c903a74b66d815.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
3 KB 48ms
48ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/62103152ac597d9e67c903a74b66d815.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f0e97bde738452ae5ad171ff4237291dfc7fe9a58d28337af67f93af9e5bca28

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/62103152ac597d9e67c903a74b66d815.jpg
age: 1949920
edge-cache-tag: 461771562911642958526425760047770177224,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461771562911642958526425760047770177224,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 301
req-referer: https://www.laopiniondemalaga.es/internacional/2024/05/30/mueren-24-presos-carceles-ecuatorianas-103101895.html
content-length: 2694
x-request-id: c991da6b831f9ca149f219299554d865
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kjyo7100044-IAD, cache-bur-kbur8200163-BUR, cache-iad-kjyo7100065-IAD, cache-fra-etou8220159-FRA
last-modified: Wed, 29 May 2024 14:25:02 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=3850,owidth=1067,oheight=600,obytes=204009,ef=(1,13,17,23,30)
x-timer: S1719004927.359814,VS0,VE1
etag: "8cf5ac099b393ef9724708b4b04774f6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 d07ff2f1-db4c-425b-a364-600c5244f9a9__V2DUNDay.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 6 KB
7 KB 41ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d07ff2f1-db4c-425b-a364-600c5244f9a9__V2DUNDay.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd1f2cb5340e9688c37d736224888f5a010e460bfff92d0e2140e71cb4bf7d70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d07ff2f1-db4c-425b-a364-600c5244f9a9__V2DUNDay.jpg
age: 1003548
edge-cache-tag: 517965424896712386059454489759023947797,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 517965424896712386059454489759023947797,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 389
req-referer: https://www.ynet.co.il/
content-length: 6178
x-request-id: 11033fc965c472af453f997bd60f7a92
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100151-IAD, cache-lga21977-LGA, cache-iad-kiad7000151-IAD, cache-fra-etou8220159-FRA
last-modified: Tue, 28 May 2024 08:33:34 GMT
server: nginx
surrogate-reporting: width=240,height=134,bytes=9151,owidth=1999,oheight=1444,obytes=177884,ef=(1,13,17,23,30)
x-timer: S1719004927.391997,VS0,VE1
etag: "af0b77fd972ea5490dda7631e05fbdec"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 dog0811a_NSTfield_image_socialmedia.var_1604832460.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 21 KB
22 KB 43ms
43ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/dog0811a_NSTfield_image_socialmedia.var_1604832460.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 544e7a4b62f2401fe27c744f5695c4a2c84bbebfa81981209e88b9a125809a22

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/dog0811a_NSTfield_image_socialmedia.var_1604832460.jpg
age: 214063
edge-cache-tag: 314754004698301728722733020671943737292,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 314754004698301728722733020671943737292,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 416
expiration: expiry-date="Sat, 22 Jun 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nst.com.my/
content-length: 21658
x-served-by: cache-iad-kiad7000115-IAD, cache-iad-kiad7000115-IAD, cache-ewr18131-EWR, cache-iad-kjyo7100157-IAD, cache-fra-etou8220159-FRA
last-modified: Wed, 22 May 2024 02:19:07 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=38404,owidth=1200,oheight=629,obytes=46243,ef=(1,13,17,23,30)
x-timer: S1719004927.402652,VS0,VE1
etag: "20cf80a72528613a2a58d56ed349da7e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 6, 0

GET
H2 200 seve65_field_image_socialmedia.var_1508948403.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 71 KB
72 KB 44ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/seve65_field_image_socialmedia.var_1508948403.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e972c8e4156221a6350a490c3148c9449555491b62d053724ade58f94cf885e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/seve65_field_image_socialmedia.var_1508948403.jpg
age: 2728610
edge-cache-tag: 583097387209289226719759088008637971633,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 583097387209289226719759088008637971633,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 359
expiration: expiry-date="Wed, 05 Jun 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nst.com.my/
content-length: 72530
x-served-by: cache-iad-kcgs7200127-IAD, cache-iad-kcgs7200142-IAD, cache-bur-kbur8200064-BUR, cache-iad-kjyo7100155-IAD, cache-fra-etou8220159-FRA
last-modified: Sun, 05 May 2024 12:20:14 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=87980,owidth=1200,oheight=630,obytes=111790,ef=(1,13,17,23,30)
x-timer: S1719004927.411470,VS0,VE1
etag: "8f02c12515071b9bb580e547540bf9fb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 15, 0

GET
H2 200 meg40-MS1102_NSTfield_image_socialmedia.var_1707642910.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 105 KB
106 KB 46ms
43ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/meg40-MS1102_NSTfield_image_socialmedia.var_1707642910.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8c0429c332f0e605f926be57d4bca19f7c1e62dd4e5a34fb733b4f15b8ad87d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/meg40-MS1102_NSTfield_image_socialmedia.var_1707642910.jpg
age: 2674848
edge-cache-tag: 510597414988712614631997622504758305695,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 510597414988712614631997622504758305695,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 534
req-referer: https://www.nst.com.my/
content-length: 107520
x-request-id: 64721c05f70ce17d85e908787ca964e7
x-served-by: cache-iad-kjyo7100062-IAD, cache-iad-kjyo7100062-IAD, cache-lga21938-LGA, cache-iad-kcgs7200158-IAD, cache-fra-etou8220159-FRA
last-modified: Tue, 16 Apr 2024 10:56:55 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=112632,owidth=1200,oheight=630,obytes=144186,ef=(1,13,17,23,30)
x-timer: S1719004927.411614,VS0,VE1
etag: "d926341925f389c2b012ada0265c7e37"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 10, 0

GET
H2 200 hawa21_NSTfield_image_socialmedia.var_1653659254.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 22 KB
23 KB 130ms
128ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/hawa21_NSTfield_image_socialmedia.var_1653659254.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 730292af006c08a85645959b5c6e0f2d7c02d779c228626df1d20d0c693cde15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 89
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/hawa21_NSTfield_image_socialmedia.var_1653659254.jpg
age: 1156274
edge-cache-tag: 366872773046582234889039302272090892143,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366872773046582234889039302272090892143,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 320
expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nst.com.my/
content-length: 22466
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kjyo7100155-IAD, cache-bur-kbur8200067-BUR, cache-iad-kcgs7200146-IAD, cache-fra-etou8220159-FRA
last-modified: Wed, 29 May 2024 21:47:02 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=36420,owidth=1200,oheight=630,obytes=39536,ef=(1,13,17,23,30)
x-timer: S1719004927.411592,VS0,VE89
etag: "c04d2ca94536238aefbda16c3d0fe58a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 0, 6, 0

GET
H2 200 jumper_1228_NSTfield_image_socialmedia.var_1545989370.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 23 KB
24 KB 44ms
41ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/jumper_1228_NSTfield_image_socialmedia.var_1545989370.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f584b0768763b8798537762d7db42355b719d6161d37704548cd5fcd934a7f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/jumper_1228_NSTfield_image_socialmedia.var_1545989370.jpg
age: 2395731
edge-cache-tag: 346538635394741772953033035411160822840,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 346538635394741772953033035411160822840,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 302
req-referer: https://www.nst.com.my/
content-length: 23866
x-request-id: 024f4524e08b692409fe89c79f74eca4
x-served-by: cache-iad-kiad7000077-IAD, cache-iad-kcgs7200167-IAD, cache-ewr18166-EWR, cache-iad-kiad7000098-IAD, cache-fra-etou8220159-FRA
last-modified: Sat, 11 May 2024 15:46:00 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=65688,owidth=1200,oheight=630,obytes=83277,ef=(1,13,17,23,30)
x-timer: S1719004927.411805,VS0,VE1
etag: "edff5f7dd8534ea0281fec52eb49a019"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 0, 4, 0

GET
H2 200 221655ce032044f5ae2f7f6de9ec5bdb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 41 KB
42 KB 45ms
45ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d36f5f47bc353cee74bc88ebc2b1ecf97de2f0de394a6a60478c975c3e793b93

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
age: 1708078
edge-cache-tag: 494366385138543953060662240160626996212,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 494366385138543953060662240160626996212,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 248
expiration: expiry-date="Mon, 18 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.caughtoffside.com/
content-length: 42142
x-served-by: cache-iad-kcgs7200138-IAD, cache-iad-kcgs7200138-IAD, cache-lga21942-LGA, cache-iad-kjyo7100069-IAD, cache-fra-etou8220159-FRA
last-modified: Fri, 16 Feb 2024 12:16:32 GMT
server: nginx
surrogate-reporting: width=1200,height=666,bytes=75280,owidth=1200,oheight=675,obytes=381043,ef=(1,13,17,23,30)
x-timer: S1719004927.432535,VS0,VE1
etag: "a4759fbce71c7d52bd6ba4dd7a96399b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 43, 1

GET
H2 200 49a00e44616cab58a2178f1066dcb891.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 63 KB
64 KB 48ms
48ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a00e44616cab58a2178f1066dcb891.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6369ed5dffb6ada7cb550878b932cd9a974b42fa2f94baf15678dc8425aa5e7d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a00e44616cab58a2178f1066dcb891.jpg
age: 901791
edge-cache-tag: 350770705811172851945491367502504963601,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 350770705811172851945491367502504963601,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 904
req-referer: https://www.t-online.de/
content-length: 64182
x-request-id: 56def6842fb9c70e897484605d1a9038
x-served-by: cache-iad-kcgs7200028-IAD, cache-iad-kcgs7200138-IAD, cache-lga21973-LGA, cache-iad-kjyo7100059-IAD, cache-fra-etou8220159-FRA
last-modified: Mon, 10 Jun 2024 20:05:44 GMT
server: nginx
surrogate-reporting: width=1920,height=1066,bytes=275932,owidth=1920,oheight=1080,obytes=1181862,ef=(1,13,17,23,30)
x-timer: S1719004927.445831,VS0,VE1
etag: "a103b90980cf955006208f8b3702e716"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 10OrgansST_NSTfield_image_socialmedia.var_1549786450.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 10 KB
10 KB 41ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/10OrgansST_NSTfield_image_socialmedia.var_1549786450.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e291baf1ca3347fb6481fc3e7c32210ba1f9d18cc9926ef2083d021ba8ad1ebd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/10OrgansST_NSTfield_image_socialmedia.var_1549786450.jpg
age: 3240989
edge-cache-tag: 391232373914503087558052592908320585185,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 391232373914503087558052592908320585185,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 209
expiration: expiry-date="Fri, 26 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nst.com.my/
fastly-restarts: 1
content-length: 9890
x-served-by: cache-iad-kcgs7200081-IAD, cache-iad-kcgs7200092-IAD, cache-ewr18162-EWR, cache-fra-etou8220159-FRA
last-modified: Tue, 26 Mar 2024 17:10:21 GMT
server: nginx
surrogate-reporting: width=1133,height=630,bytes=52853,owidth=1200,oheight=630,obytes=50905,ef=(1,13,17,23,30)
x-timer: S1719004927.455583,VS0,VE1
etag: "d5e34914b5690437ec44c4888b605043"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 122, 0, 0

GET
H2 200 rosm7_NSTfield_image_socialmedia.var_1662020590.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 67 KB
68 KB 40ms
40ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/rosm7_NSTfield_image_socialmedia.var_1662020590.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c63a81a573144371e8b67858025def42f1c1a641cf04c654e8ca48d911828c26

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/rosm7_NSTfield_image_socialmedia.var_1662020590.jpg
age: 4950701
edge-cache-tag: 600685560929981091882450991031888925695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 600685560929981091882450991031888925695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 78
expiration: expiry-date="Wed, 08 May 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nst.com.my/
content-length: 68370
x-served-by: cache-iad-kcgs7200071-IAD, cache-iad-kiad7000107-IAD, cache-iad-kiad7000025-IAD, cache-fra-etou8220159-FRA
last-modified: Sun, 07 Apr 2024 22:15:03 GMT
server: nginx
surrogate-reporting: width=1133,height=630,bytes=68370,owidth=1200,oheight=630,obytes=83659,ef=(1,13,17,23,30)
x-timer: S1719004927.467208,VS0,VE1
etag: "8fe8d6c0d92ca3099566f1ecc9558737"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 52, 0

GET
H2 200 01dream210624sp_NSTfield_image_socialmedia.var_1718960574.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 32 KB
33 KB 131ms
131ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/01dream210624sp_NSTfield_image_socialmedia.var_1718960574.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64dbf2b9d02e098ba9a339e6b1cdab2cd938cfd13677b5c4172c176bc23f18f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 92
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/01dream210624sp_NSTfield_image_socialmedia.var_1718960574.jpg
age: 43537
edge-cache-tag: 385844254092569648401048433389109545129,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 385844254092569648401048433389109545129,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 153
req-referer: https://www.nst.com.my/
content-length: 32632
x-request-id: c90978797b1317c2fbabed7162099a4f
x-served-by: cache-iad-kjyo7100036-IAD, cache-iad-kjyo7100036-IAD, cache-lga21953-LGA, cache-iad-kcgs7200131-IAD, cache-fra-etou8220159-FRA
x-orig-request-id: 5d393198d260783309a276fbfd1c9558
last-modified: Fri, 21 Jun 2024 09:06:06 GMT
server: nginx
surrogate-reporting: width=1133,height=630,bytes=80928,owidth=1200,oheight=630,obytes=106933,ef=(1,13,17,23,30)
x-timer: S1719004927.479310,VS0,VE92
etag: "ba5561cb249960a51f35a9c4d0c8f009"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 10, 0

GET
H2 200 kas6-KMS1902_NSTfield_image_socialmedia.var_1708339326.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 62 KB
63 KB 40ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/kas6-KMS1902_NSTfield_image_socialmedia.var_1708339326.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2386f0f773fb35120222e056418c24c4993829b5f57d0e9f2ed7b17e7beb931b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/kas6-KMS1902_NSTfield_image_socialmedia.var_1708339326.jpg
age: 4580655
edge-cache-tag: 420242213168353665597922898433795410914,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 420242213168353665597922898433795410914,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 355
req-referer: https://www.nst.com.my/
content-length: 63868
x-request-id: 639a0e75da57a0605dac0243d36815a6
x-served-by: cache-iad-kcgs7200080-IAD, cache-iad-kcgs7200080-IAD, cache-lga21928-LGA, cache-iad-kiad7000097-IAD, cache-fra-etou8220159-FRA
last-modified: Sun, 28 Apr 2024 16:38:54 GMT
server: nginx
surrogate-reporting: width=1133,height=630,bytes=89298,owidth=1200,oheight=630,obytes=110079,ef=(1,13,17,23,30)
x-timer: S1719004927.484561,VS0,VE1
etag: "37352a021b8939d6bb0bc926d4397d55"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 16, 0, 8, 0

GET
H2 200 01tree210624sp_NSTfield_image_socialmedia.var_1718985715.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 99 KB
100 KB 493ms
485ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/01tree210624sp_NSTfield_image_socialmedia.var_1718985715.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bad13c22c738c2b09ae700a54a63926c1b29fd70791edc1939e9f1304111419

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 445
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/01tree210624sp_NSTfield_image_socialmedia.var_1718985715.jpg
age: 16582
edge-cache-tag: 393091348835813124388686745064522114892,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 393091348835813124388686745064522114892,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS, MISS
x-envoy-upstream-service-time: 316
req-referer: https://www.nst.com.my/
content-length: 101424
x-request-id: 20efd2a480a53654696b46284edaeb64
x-served-by: cache-iad-kiad7000051-IAD, cache-iad-kiad7000051-IAD, cache-lga21920-LGA, cache-iad-kiad7000119-IAD, cache-fra-etou8220159-FRA
x-orig-request-id: 64e799a80906871407a383819550ada2
last-modified: Fri, 21 Jun 2024 16:06:35 GMT
server: nginx
surrogate-reporting: width=1133,height=630,bytes=120289,owidth=1200,oheight=630,obytes=153541,ef=(1,13,17,23,30)
x-timer: S1719004928.507491,VS0,VE445
etag: "4817a5df90f23fbe1cd91185c13a9d38"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 34f47cb903a8df3192618e3dd0de365d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 143 KB
144 KB 53ms
46ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34f47cb903a8df3192618e3dd0de365d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 68fab4c3ca76c9b4af93f981ca4e2b104a4c5e162765087649afc460c6589602

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34f47cb903a8df3192618e3dd0de365d.jpg
age: 5721663
edge-cache-tag: 401194571202037701432577424229878662289,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 401194571202037701432577424229878662289,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 169
expiration: expiry-date="Tue, 05 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 146820
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kiad7000142-IAD, cache-lax-kwhp1940050-LAX, cache-iad-kjyo7100142-IAD, cache-fra-etou8220159-FRA
last-modified: Sat, 03 Feb 2024 09:46:49 GMT
server: nginx
surrogate-reporting: width=1200,height=666,bytes=163843,owidth=1200,oheight=675,obytes=151473,ef=(1,13,17,23,30)
x-timer: S1719004928.507617,VS0,VE2
etag: "5e64252689da37b0af9562dd1181db6d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 c169e09da8dffac4916b00c0fee587e5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 53 KB
53 KB 81ms
81ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c169e09da8dffac4916b00c0fee587e5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ed7b388f4d1c08b88cb7625d5338bd641be610c1676980ef3413a65f8307ccf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c169e09da8dffac4916b00c0fee587e5.jpg
age: 3235104
edge-cache-tag: 310165035180675793021928839638344283296,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310165035180675793021928839638344283296,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 178
expiration: expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 53854
x-served-by: cache-iad-kiad7000050-IAD, cache-iad-kiad7000166-IAD, cache-iad-kcgs7200035-IAD, cache-fra-etou8220159-FRA
last-modified: Mon, 18 Sep 2023 18:54:37 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=69288,owidth=1000,oheight=600,obytes=93020
x-timer: S1719004928.516388,VS0,VE1
etag: "21e58512af24f414e9013fe99a9053b6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 96, 0

GET
H2 200 horror-MS0111_NSTfield_image_socialmedia.var_1604233526.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 33 KB
34 KB 71ms
70ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/horror-MS0111_NSTfield_image_socialmedia.var_1604233526.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f99a9d532ec496f046853e80d4f94aefa03d511c25a7ffc262379690bf5f4ae0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/horror-MS0111_NSTfield_image_socialmedia.var_1604233526.jpg
age: 1484004
edge-cache-tag: 376447473194268906621546721086122594595,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 376447473194268906621546721086122594595,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 264
expiration: expiry-date="Sun, 09 Jun 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nst.com.my/
content-length: 34046
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kiad7000109-IAD, cache-lga21929-LGA, cache-iad-kcgs7200099-IAD, cache-fra-etou8220159-FRA
last-modified: Thu, 09 May 2024 12:04:23 GMT
server: nginx
surrogate-reporting: width=1133,height=630,bytes=60897,owidth=1200,oheight=630,obytes=76517,ef=(1,13,17,23,30)
x-timer: S1719004928.533759,VS0,VE1
etag: "2b29e0b486949d02bce9dbc1c7115d47"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 9, 0

GET
H2 200 01worker210624sp_NSTfield_image_socialmedia.var_1718974398.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/ 21 KB
22 KB 129ms
129ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/01worker210624sp_NSTfield_image_socialmedia.var_1718974398.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82e5f89db70b6d0ecc31b5b472ba5b029f46d37f0efb43a051ee4b637a688390

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 89
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//assets.nst.com.my/images/articles/01worker210624sp_NSTfield_image_socialmedia.var_1718974398.jpg
age: 29559
edge-cache-tag: 517868104382515934384641921190066872426,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 517868104382515934384641921190066872426,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 237
req-referer: https://www.nst.com.my/
content-length: 21892
x-request-id: 1a116aec119d5ae142024c62807bc1e1
x-served-by: cache-iad-kcgs7200141-IAD, cache-iad-kcgs7200141-IAD, cache-lga21945-LGA, cache-iad-kjyo7100146-IAD, cache-fra-etou8220159-FRA
last-modified: Fri, 21 Jun 2024 13:00:41 GMT
server: nginx
surrogate-reporting: width=1133,height=630,bytes=42203,owidth=1200,oheight=630,obytes=66915,ef=(1,13,17,23,30)
x-timer: S1719004928.542127,VS0,VE89
etag: "40a4a70f347280d95f9cb7830a6063dd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 3, 0

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.9.6/ 121 KB
34 KB 40ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 336b818d1e24fd3353db49a4358fe03a8ec7cd8ce1e364ba947fd78f3d6b5cbb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Origin: https://www.nst.com.my
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 4da7673e847e4fe66842083693a9c2e0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: BOM78-P8
age: 1772446
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 34354
x-served-by: cache-fra-etou8220128-FRA
last-modified: Sat, 01 Jun 2024 09:01:09 GMT
server: AmazonS3
x-timer: S1719004927.313533,VS0,VE0
etag: "baa3c52e53c9a98ab28000e870aff288"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: pFbs2zOullw7OdGg3_D3-uWnTB15eP1ZrF2KV7-mWuq1mViarPhW4A==
x-cache-hits: 131223

GET
H2 200 / Show response
pips.taboola.com/ 4 B
122 B 59ms
39ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220128-FRA
date: Fri, 21 Jun 2024 21:22:07 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.nst.com.my
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 supply-feature
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 43ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/supply-feature?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%222415.15625%22%2C%22event_msg%22%3A%220%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A22%3A07.207&id=2057&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 spa-detector.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 39ms
38ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revmediagroup-newstraitstimes/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c556f9d3641830200b35038bf7df0f8485602111032cc186fc35d912dd63eee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: APWM7o746A3vkro4I6NARwrOPlm5ZKfq
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jun 2024 21:22:07 GMT
x-amz-request-id: PFD5EENR2QWQ53BR
age: 452802
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 781
x-amz-id-2: 3rK6TjUJXP3ZPGCBy80LBiLd+PUO9Go3NhkPwFEczRrUBAx1/DZsUb1Mm9/qPEITjxvj/Pz8knomsfa8JNSjxLJCY+7Y/WCv
x-served-by: cache-fra-etou8220159-FRA
last-modified: Sun, 16 Jun 2024 15:35:22 GMT
server: AmazonS3
x-timer: S1719004927.237981,VS0,VE0
etag: "a16357c31dbfcfc39310562f9f44a36c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 110003

GET
H2 204 supply-feature
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 43ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/supply-feature?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A22%3A07.210&id=6639&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 44ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/abtests?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1719004927210%7D&tim=23%3A22%3A07.211&id=3887&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/supply-feature?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A22%3A07.215&id=930&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 tiktok-logo-white.png
assets.nst.com.my/assets/ 2 KB
3 KB 260ms
258ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/tiktok-logo-white.png?id=676e6b293a0a0f76083e

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fdafb36f6618424a5130b2b045d22f2b37fd35c312697d20003c025edecffee

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 36195
x-guploader-uploadid: ACJd0Nozz7H5c8ggKGLEetSfNa980KLd8FfndNdM6nO7nHtptRy5RdZRltubdRwXe-HyI4fxHnT-FdMupA
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="tiktok-logo-white.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "22523f214a81c3994df0ecc57594858d"
vary: Accept
x-goog-generation: 1715945365734709
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-language: en
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=7939
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2194
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jun 2024 07:56:17 GMT
server: cloudflare
x-goog-hash: crc32c=uPLdXg==, md5=IlI/IUqBw5lN8OzFdZSFjQ==
x-goog-stored-content-length: 7939
accept-ranges: bytes
cf-ray: 89770d5b3cf5bf2a-WAW

GET
H2 200 tiktok-logo-red.png
assets.nst.com.my/assets/ 2 KB
695 B 264ms
261ms Image
image/webp 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/tiktok-logo-red.png?id=4de7390a0eacca521dae

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d6be6eecf46c8be1a03339416200243d0c66be6b3fb207bed5b83015e531d40

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264138
x-guploader-uploadid: ABPtcPpnWwWd0c3fFqS8tRIphNhJGJenoBYP0mNeBH9uUtprLYEEs_3X1HHMNAiwrx5GqnsHpKk
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="tiktok-logo-red.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "5cc8ba68ca69ba0e35ca3af2c8df732c"
vary: Accept
x-goog-generation: 1715945365736058
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=9688
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:14 GMT
server: cloudflare
x-goog-hash: crc32c=WQGcwg==, md5=XMi6aMppug41yjryyN9zLA==
x-goog-stored-content-length: 9688
accept-ranges: bytes
cf-ray: 89770d5b3cf7bf2a-WAW

GET
H3 200 NST-Logo.png
assets.nst.com.my/assets/ 4 KB
690 B 264ms
262ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/NST-Logo.png?id=e8c11e9a69c90c7834aa

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

663d73e795012ea95da9b2401ef9674d7e612c5e826e9d80bfe0d826289efb43

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264135
x-guploader-uploadid: ABPtcPo_TjLrMWYbWXfxVh03cC3Ll5YztcVFz2G8zg8h1kPy-qqrzoFoldv9IOI08ypoIo4hCpM
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="NST-Logo.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "db7b52f68a888c95e62b096dece48274"
vary: Accept
x-goog-generation: 1718004247924629
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=7702
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 4112
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:08 GMT
server: cloudflare
x-goog-hash: crc32c=SwKL7w==, md5=23tS9oqIjJXmKwlt7OSCdA==
x-goog-stored-content-length: 7702
accept-ranges: bytes
cf-ray: 89770d5b3cf8bf2a-WAW

GET
H3 200 Business-Times-Logo.png
assets.nst.com.my/assets/ 1 KB
698 B 264ms
262ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/Business-Times-Logo.png?id=111ddd4a991cdcf4c14e

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c882583ca18b5e8a83982f3fbfead8982638ddc44b5a571591e5a86debab023

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264135
x-guploader-uploadid: ABPtcPpTjcQDUDdpKZrc_S9ocLeAplHN3kO_xDW3ntq48-52fYuxjOaC_uGE-xy-NL5LrN0jfp0
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="Business-Times-Logo.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "f0a742e25a1ab17e4ebb6f84b88109ca"
vary: Accept
x-goog-generation: 1715945359402005
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715945353
cf-polished: origFmt=png, origSize=1779
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1334
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:08 GMT
server: cloudflare
x-goog-hash: crc32c=7uQ4Tg==, md5=8KdC4loasX5Ou2+EuIEJyg==
x-goog-stored-content-length: 1779
accept-ranges: bytes
cf-ray: 89770d5b3cf9bf2a-WAW

GET
H2 200 audio_plus_master.png
assets.nst.com.my/assets/ 3 KB
699 B 264ms
262ms Image
image/webp 2606:4700::6812:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/audio_plus_master.png?id=633a170063b43a648dd8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd146370354db9e3469036cff6b86e485aeea7dc325e735439cf5921859c255

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264138
x-guploader-uploadid: ABPtcPqLJ6z5d2wHs1VmwWcvLlPHQXPpqdq0H9JxGaIvJX0VyLnuF3MwhJgZbRyBfBYPGDvXOIk
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="audio_plus_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "9423eae53ed03a8ad614212851263f0e"
vary: Accept
x-goog-generation: 1718004249044417
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=7844
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3342
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:09 GMT
server: cloudflare
x-goog-hash: crc32c=XuVcUg==, md5=lCPq5T7QOorWFCEoUSY/Dg==
x-goog-stored-content-length: 7844
accept-ranges: bytes
cf-ray: 89770d5b3cfbbf2a-WAW

GET
H3 200 hotfm_red.png
assets.nst.com.my/assets/ 2 KB
697 B 264ms
263ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/hotfm_red.png?id=7e2926041831b258e1a2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b09a57da998ffa35150ebb61ded622d790c12a83d49dbe8c39730842add77c

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 264138
x-guploader-uploadid: ABPtcPoiU8bFzzBRdSPviIXJLETZ3Zp2zcMsIhm1Ac4fn2GsNnyJn8KQw1UaVgDbaVcM5feoSVdA64NadQ
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="hotfm_red.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "4d0dac13cc9fbc9271e032635bcce3a1"
vary: Accept
x-goog-generation: 1715585504323789
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715585493
cf-polished: origFmt=png, origSize=6584
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2406
x-xss-protection: 1; mode=block
last-modified: Mon, 13 May 2024 07:31:44 GMT
server: cloudflare
x-goog-hash: crc32c=ScwfzQ==, md5=TQ2sE8yfvJJx4DJjW8zjoQ==
x-goog-stored-content-length: 6584
accept-ranges: bytes
cf-ray: 89770d5b3cfdbf2a-WAW

GET
H3 200 buletinfm_master.png
assets.nst.com.my/assets/ 3 KB
700 B 265ms
263ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/buletinfm_master.png?id=4a791378ee779b0c2f13

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922fd3b59f984f0cef887aec1f77060ca4cc20d9e521902bf25ab1ecd887b00d

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 36195
x-guploader-uploadid: ACJd0NpjWWyt8xUy_PcUrrurbtR2RRfTopBbJR-k4Ez2QvhSAhpY-Fi4iUpC4pL_Jzer7Oqn0b2yUO3ypg
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="buletinfm_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "a8ddde84ebe03db892a8a64f20f27c07"
vary: Accept
x-goog-generation: 1718004249676925
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=7681
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2882
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jun 2024 07:56:12 GMT
server: cloudflare
x-goog-hash: crc32c=wxI8TQ==, md5=qN3ehOvgPbiSqKZPIPJ8Bw==
x-goog-stored-content-length: 7681
accept-ranges: bytes
cf-ray: 89770d5b3cfebf2a-WAW

GET
H3 200 logo_eightfm_master-01.png
assets.nst.com.my/assets/ 44 KB
684 B 265ms
263ms Image
image/png 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/logo_eightfm_master-01.png?id=b62c250e1378c15a25b1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0e659cd697a16b25a9e3302a599e98f454e45dc5ea20becde52e3db469a2120

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1715585493
age: 293912
cf-polished: origSize=98752, status=webp_bigger
x-guploader-uploadid: ABPtcPqdHAzhu4uEyH2jiFycFtr6DAL8_la2n4KyU2ePnUuIelIUC8S43n3hhWmGYiufA32EbAtYfwp_Xg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 44813
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 May 2024 07:31:45 GMT
server: cloudflare
etag: "2dd0556f64877ff03e7494d541657353"
vary: Accept-Encoding
x-goog-generation: 1715585505568270
content-language: en
access-control-allow-origin: *
x-goog-hash: crc32c=zUP49w==, md5=LdBVb2SHf/A+dJTVQWVzUw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 98752
x-frame-options: allow-from http://digital.nstp.com.my/
content-type: image/png
cf-ray: 89770d5b3cffbf2a-WAW
accept-ranges: bytes
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 flyfm_master.png
assets.nst.com.my/assets/ 5 KB
699 B 265ms
263ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/flyfm_master.png?id=80f32289c944efe8d3af

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e431b90e5caf941cff2dc48cd72842dde4d48dd23002721ab88fb57ce3c88e50

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 16459
x-guploader-uploadid: ACJd0NreOtwRQiiRdVNY0Yf6go2xAV6mEKvFCsAob1zY8AVTX1mPxYuXcDcXT9M6QmgG2PlCOAgsCLxC5Q
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="flyfm_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "f1b273d4a13095845f2d78d401e4ca7b"
vary: Accept
x-goog-generation: 1718004250843113
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=10522
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 5390
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jun 2024 07:56:14 GMT
server: cloudflare
x-goog-hash: crc32c=lm3s+w==, md5=8bJz1KEwlYRfLXjUAeTKew==
x-goog-stored-content-length: 10522
accept-ranges: bytes
cf-ray: 89770d5b3d01bf2a-WAW

GET
H3 200 molekfm_master.png
assets.nst.com.my/assets/ 14 KB
696 B 265ms
263ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/assets/molekfm_master.png?id=5bee3440a1332d730f51

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c3586bcb65622fb069a698756b5302981b05fa5623f47f38d001f9f591453a

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 293912
x-guploader-uploadid: ABPtcPrcrYkos0D4iV7I4SHFFDptSDX56lzHslgNAM-_5ZUI7UNQzshMeA3krAJOUC7WiH4KptA
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="molekfm_master.webp"
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
etag: "3368733a09b657e5c706f37ba3cc3263"
vary: Accept
x-goog-generation: 1718004252120457
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
content-type: image/webp
x-frame-options: allow-from http://digital.nstp.com.my/
expires: Fri, 21 Jun 2024 22:22:07 GMT
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1718004240
cf-polished: origFmt=png, origSize=27993
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 14492
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jun 2024 07:24:12 GMT
server: cloudflare
x-goog-hash: crc32c=QfdPHg==, md5=M2hzOgm2V+XHBvN7o8wyYw==
x-goog-stored-content-length: 27993
accept-ranges: bytes
cf-ray: 89770d5b3d03bf2a-WAW

GET
H2 204 abtests
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/abtests?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1719004927218%7D&tim=23%3A22%3A07.218&id=1565&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 401ms
113ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTI2LjAuNjQ3OC4xMTQ=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTI2&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTI2&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-store
server: nginx

GET
H2 200 _search Show response
mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/ 11 KB
3 KB 236ms
236ms XHR
application/json 34.87.4.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/_search?q=clientID:default
Requested by: Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4022ad2b98707f9801da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.4.87.34.bc.googleusercontent.com
Software: /
Resource Hash: 1114bda72b37d5ba9cc499f5261d3b63c116621e8f4fed75b77225a951d57f29

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-TOKEN: 9Dfa3jx6nFCQBXIMFMy6CeUlweKphVv8rNPMGtWH
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: ApiKey bFVOOUVvNEJ4N283OXQyZndCRTU6OFNOVE5uNGJTbDI2ZjVhX1dScVFhZw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.nst.com.my/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: gzip
x-found-handling-instance: instance-0000000006
x-found-handling-cluster: 285432a8bd274cd2934b63e199a3ae11
vary: origin
x-elastic-product: Elasticsearch
access-control-allow-origin: https://www.nst.com.my
content-type: application/json
x-cloud-request-id: -vFZoJQ9RiC667VMRt0SXA
content-length: 3403

OPTIONS
H2 200 _search
mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/ Frame 0
0 232ms
232ms Preflight 34.87.4.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com/nst_recsys/_search?q=clientID:default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.4.87.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.nst.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: https://www.nst.com.my
access-control-max-age: 60
content-length: 0
date: Fri, 21 Jun 2024 21:22:07 GMT
vary: origin
x-cloud-request-id: KDC92u5HTv-D_nPc2eEIKA
x-found-handling-cluster: 285432a8bd274cd2934b63e199a3ae11
x-found-handling-instance: instance-0000000005

GET
H2 204 abtests
am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
230 B 44ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/revmediagroup-newstraitstimes/log/3/abtests?route=AM:AM:V&tvi48=-48&tvi50=10882&lti=trecs&ri=1db7ce03e7af83d544fab3b9d84d2247&sd=v2_1e49ba840d6cb0986aa9edfdd6e1420a_c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e_1719004926_1719004926_CNawjgYQ8olfGKShtuWDMiABKAEwODib4wlAiIoQSPeu2QNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=c65bc3cf-925f-427c-99a6-71289335132c-tuctd6f747e&pi=/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell&wi=7010283772481944289&pt=text&vi=1719004926116&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available-spa%22%2C%22eventTime%22%3A1719004927275%7D&tim=23%3A22%3A07.275&id=7944&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 worker-new.html
newstraitstimesmalaysia.api.useinsider.com/ Frame 716B 0
0 170ms
67ms Document
text/html 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newstraitstimesmalaysia.api.useinsider.com/worker-new.html
Requested by: Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 4968
cache-control: public, max-age=1209600
cf-cache-status: HIT
cf-ray: 89770d5cecf2a031-FRA
content-encoding: br
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ro31359kpqLVndCH1OC.XdKaOV5SA8iQxUqWqym8AJ8-1719004927-1.0.1.1-YGruSK8x0IB92SuLQAJaU5kEZjoZDekAsGIuXlc1KeJmVqyWCZZpcj_AvZPXXGIQGofIiMoAqC4BGzad9dMJVtol77e.n0lCp5a81ZcLwb5pQh2jwDURX6ZlApKsqJz17vLYySF7QHhSy1UJtOx_YIiOelkLwGmq_3wW9sLt45uavoRTlKkg90xfcrop9..zsBv_OYZqvtDxVEz4XmIfQh7REbfd8wzdlyosSL2rqok; report-to cf-bivaqozdtsptavlr
content-type: text/html
date: Fri, 21 Jun 2024 21:22:07 GMT
expires: Fri, 05 Jul 2024 21:22:07 GMT
last-modified: Mon, 17 Jun 2024 04:19:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ro31359kpqLVndCH1OC.XdKaOV5SA8iQxUqWqym8AJ8-1719004927-1.0.1.1-YGruSK8x0IB92SuLQAJaU5kEZjoZDekAsGIuXlc1KeJmVqyWCZZpcj_AvZPXXGIQGofIiMoAqC4BGzad9dMJVtol77e.n0lCp5a81ZcLwb5pQh2jwDURX6ZlApKsqJz17vLYySF7QHhSy1UJtOx_YIiOelkLwGmq_3wW9sLt45uavoRTlKkg90xfcrop9..zsBv_OYZqvtDxVEz4XmIfQh7REbfd8wzdlyosSL2rqok"}],"group":"cf-bivaqozdtsptavlr","max_age":86400}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/121793/360/ 2 B
386 B 823ms
274ms Fetch
application/json 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/121793/360/floors.json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 21 Jun 2024 21:22:08 GMT
last-modified: Thu, 20 Jun 2024 07:29:06 GMT
server: Apache
content-type: application/json
access-control-allow-origin: *
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=12124
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
expires: Sat, 22 Jun 2024 00:44:12 GMT

GET
H2 200 geo Show response
ut.pubmatic.com/ 12 B
93 B 167ms
44ms Fetch
application/json 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=121793
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 21:22:07 GMT
cache-control: max-age=172800
content-length: 12
content-type: application/json

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 100 KB
32 KB 193ms
84ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.nst.com.my
URL: https://www.nst.com.my/news/nst-viral/2024/06/1065932/nstviral-panic-lrt-ride-takes-passengers-through-hell

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8fe5695e0df651c950aa8763afbce6ddf9db154fb8e4399e0414b10024b697f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32229
x-xss-protection: 0
server: cafe
etag: 41 / 19895 / m202406170101 / config-hash: 994685364493883849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jun 2024 21:22:07 GMT

OPTIONS
H2 204 z
carrier.useinsider.com/y/v2/ Frame 0
0 179ms
82ms Preflight 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,partner
Access-Control-Request-Method: POST
Origin: https://www.nst.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,partner
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 89770d5e4d769118-FRA
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=nxH9qQSY6leLFooh.ForY5U9O2XihyaEulL82QWAT7Y-1719004927-1.0.1.1-PGQauZVHvUlmNrnSvBV10Bs5x5smD._UnORBwylhQSl.YU4wQABGEaSYwCPOGOPIDAXDV6PFvNPyXbWqwewdMxBnJMM3GF_oC6Qo261qJRSV6ui3v4X0Icb4r86jzTXwPOevlBnDQ0bfVihc.EUFpGDvJAFwNK1_ao3X.SjQGOwi0Oe0c.cCgpJ1yt1kw3svTvSS8usio.1xb.0tHDDyIg; report-to cf-vqvifviagmtjcidd
date: Fri, 21 Jun 2024 21:22:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=nxH9qQSY6leLFooh.ForY5U9O2XihyaEulL82QWAT7Y-1719004927-1.0.1.1-PGQauZVHvUlmNrnSvBV10Bs5x5smD._UnORBwylhQSl.YU4wQABGEaSYwCPOGOPIDAXDV6PFvNPyXbWqwewdMxBnJMM3GF_oC6Qo261qJRSV6ui3v4X0Icb4r86jzTXwPOevlBnDQ0bfVihc.EUFpGDvJAFwNK1_ao3X.SjQGOwi0Oe0c.cCgpJ1yt1kw3svTvSS8usio.1xb.0tHDDyIg"}],"group":"cf-vqvifviagmtjcidd","max_age":86400}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 z Show response
carrier.useinsider.com/y/v2/ 120 B
2 KB 93ms
92ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Requested by: Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1e83cc013eb71ef45517a46937e76ac0be3c0b2cc3affea211787cfff465c76

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.nst.com.my/
partner: newstraitstimesmalaysia
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=94qDAp6GG4SaFaZeXYdedR7rHz9elwasBOXqG0cdPXc-1719004927-1.0.1.1-yunv5oveIb4DvMxnPPcyaWPYNxJkhoyu6zpfprjaBkP0EifXLbsJ4Be8.KhkchDxRIOfKrAyxMpsB3jf2vVhcjAPu209AU5xAXzWcVKwrepjX5X18TCGRYB5XNMkdk1YfHsdqjvl0eIoFZlMn0ab55ZH2NFwmpNs7ZjBjGcPF2LW1h2wVnB.EDQRfyflC137ZZhc3vRUvKcYWdELA4fhgQ"}],"group":"cf-gemjubosxlfrbzfx","max_age":86400}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=94qDAp6GG4SaFaZeXYdedR7rHz9elwasBOXqG0cdPXc-1719004927-1.0.1.1-yunv5oveIb4DvMxnPPcyaWPYNxJkhoyu6zpfprjaBkP0EifXLbsJ4Be8.KhkchDxRIOfKrAyxMpsB3jf2vVhcjAPu209AU5xAXzWcVKwrepjX5X18TCGRYB5XNMkdk1YfHsdqjvl0eIoFZlMn0ab55ZH2NFwmpNs7ZjBjGcPF2LW1h2wVnB.EDQRfyflC137ZZhc3vRUvKcYWdELA4fhgQ; report-to cf-gemjubosxlfrbzfx
cf-ray: 89770d5ece0b9118-FRA

GET
H2 200 171900492763933435e830d.09734353 Show response
segment.api.useinsider.com/v4/segments/ 927 B
2 KB 205ms
111ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/171900492763933435e830d.09734353?partnerid=10001457&fields=b655cfc098f61bf66cf3bae39bbd05f1,505b61fce79423aad29be4c04f16eb4e&
Requested by: Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794fd6e8fd3e9efba6728cbb7729e6245036343d96cc9241a747e4f1f6fa92c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Hdp3QBk1ky7m_2NBWrrEzVgXn7zKL6dNDLW4WDpwtsI-1719004927-1.0.1.1-aHlGXoEEmfg20NLKBPnmpqN_Vvteor3QdNS7sCkC8s15RlvAXFbSN5GZ1OB35dijvVQFC5tL3bTEh8SZai58Rn8U1sHU88EIoSiJN756VatdsWX6WUVrYE8.JbI3Y.FtUNbcDAac7_PGALAu8fJIUlzv8szm0z6pAjJ263eLbg4Bg3VOofQlCvGq.L8c4l8kMnpY7W6V.3Prkx77qxjU_w; report-to cf-yxqupjgojotguhqg
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Hdp3QBk1ky7m_2NBWrrEzVgXn7zKL6dNDLW4WDpwtsI-1719004927-1.0.1.1-aHlGXoEEmfg20NLKBPnmpqN_Vvteor3QdNS7sCkC8s15RlvAXFbSN5GZ1OB35dijvVQFC5tL3bTEh8SZai58Rn8U1sHU88EIoSiJN756VatdsWX6WUVrYE8.JbI3Y.FtUNbcDAac7_PGALAu8fJIUlzv8szm0z6pAjJ263eLbg4Bg3VOofQlCvGq.L8c4l8kMnpY7W6V.3Prkx77qxjU_w"}],"group":"cf-yxqupjgojotguhqg","max_age":86400}
cf-ray: 89770d5e59ab362c-FRA
content-length: 439

GET
H2 200 / Show response
locationv2.api.useinsider.com/ 241 B
2 KB 199ms
105ms XHR
application/json 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://locationv2.api.useinsider.com/?v=2&pId=10001457&
Requested by: Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 259ab3f91503d36a5b09f5283ba19f3f2e4330ec2bf951cafb6745b81c7c5342

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=g.k1jOPQR.i0gMjWkm7Tn163micP3QrTNo1Q13.v3Eg-1719004927-1.0.1.1-Ql4zwN1eoCC7hTub2HGPoHEc3xM9ix8n91oOcxJQKGvZY2eW9YgqYS0hh_DEbeweeAihJgPSqwPCAxuUXJY59dOdW21zpwXd2lSvU.Zm_3AqRlARLDwpdpKqpPJEZXAKbIEfST6b87AKSBpzKS9P9I8MqJrCS5qIs5XzsWo3vmb1009aGib1KKcuuYDIRIHYc6h0Zv19zVlb6lVyFvrcRbqsxeNNY4ZV7O1PJMzbxDk"}],"group":"cf-httvkxmnsvxxyjrl","max_age":86400}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=g.k1jOPQR.i0gMjWkm7Tn163micP3QrTNo1Q13.v3Eg-1719004927-1.0.1.1-Ql4zwN1eoCC7hTub2HGPoHEc3xM9ix8n91oOcxJQKGvZY2eW9YgqYS0hh_DEbeweeAihJgPSqwPCAxuUXJY59dOdW21zpwXd2lSvU.Zm_3AqRlARLDwpdpKqpPJEZXAKbIEfST6b87AKSBpzKS9P9I8MqJrCS5qIs5XzsWo3vmb1009aGib1KKcuuYDIRIHYc6h0Zv19zVlb6lVyFvrcRbqsxeNNY4ZV7O1PJMzbxDk; report-to cf-httvkxmnsvxxyjrl
cf-ray: 89770d5e7f572c3e-FRA

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
2 KB 90ms
78ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInVzZXJJZCI6IjE3MTkwMDQ5Mjc2MzkzMzQzNWU4MzBkLjA5NzM0MzUzIiwicGxhdGZvcm0iOiJ3ZWIiLCJjdXN0b21TZWdtZW50SWQiOjE4LCJsb2dUeXBlIjoiaW1wcmVzc2lvbiJ9&t=cs&pn=newstraitstimesmalaysia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri /cdn-cgi/script_monitor/report?m=gVOcdJAmaqUPWLUVGj0HuMUogx1WO6JcSBlj5TP3zEk-1719004927-1.0.1.1-yjZUhxu.jRJYYCtj5UsiCJPPnLQzDIoM3yTc4n0CiwGNYvO2ed242CIxuS.F1udom55jnoC.rckVzIa.VOD.8YONrbqty9u0dbdbdQaF5w3x9fdPLq49piNWc6kXn3b_iq8PI7DChCki8nnbwDPaLuWka.wrwdmTgZRWDqN_OuMtDZkYNrzWVN.Hb.jxwF2o3Cl9ja5OUz4f89w3zX8d.Q; report-to cf-llmyhscqeqxaybtd
report-to: {"endpoints":[{"url":"\/cdn-cgi\/script_monitor\/report?m=gVOcdJAmaqUPWLUVGj0HuMUogx1WO6JcSBlj5TP3zEk-1719004927-1.0.1.1-yjZUhxu.jRJYYCtj5UsiCJPPnLQzDIoM3yTc4n0CiwGNYvO2ed242CIxuS.F1udom55jnoC.rckVzIa.VOD.8YONrbqty9u0dbdbdQaF5w3x9fdPLq49piNWc6kXn3b_iq8PI7DChCki8nnbwDPaLuWka.wrwdmTgZRWDqN_OuMtDZkYNrzWVN.Hb.jxwF2o3Cl9ja5OUz4f89w3zX8d.Q"}],"group":"cf-llmyhscqeqxaybtd","max_age":86400}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89770d5dff7871bf-FRA
content-length: 42

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 47ms
46ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=97598363&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&ul=de-de&de=UTF-8&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Variation%20-%2045410747-impressions-custom&el=(builder%20ID%3A%208006)%20-%20Variation%20Ratio%3A%20100%25&_u=aHDACQAjBAAAAGAEC~&jid=73510459&gjid=929464537&cid=272305809.1719004926&tid=UA-1357345-6&_gid=1483325558.1719004926&_r=1&gtm=45He46j0n71TF3NG6v71326797za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&tcfd=10001&npa=1&z=654535851

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
2 KB 79ms
79ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInVzZXJJZCI6IjE3MTkwMDQ5Mjc2MzkzMzQzNWU4MzBkLjA5NzM0MzUzIiwicGxhdGZvcm0iOiJ3ZWIiLCJvcmlnaW5hbFByaWNlIjowLCJvcmlnaW5hbEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkQ3VycmVuY3kiOiJNWVIiLCJjb252ZXJ0ZWRQcmljZSI6MCwic2Vzc2lvbklkIjoiWW5ONGNucHVaV1l0YmpkcU55MXJlR2hzTFc5d2QzRXRZWEF5TjNjeWVuYzVZamRsWHpFM01Ua3dNRFE1TWpnPSIsInNhbGVzU2VzSWQiOiIiLCJzYWxlc1Nlc1RpbWUiOiJ1bmRlZmluZWQtMTcxOTAwNDkyOCIsIm9yZGVySWQiOiIiLCJwYWlkUHJvZHVjdHMiOiJbXSIsImNhbXBJZCI6ImM1NTIiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=newstraitstimesmalaysia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri /cdn-cgi/script_monitor/report?m=AKlDM1XBc5MvZmkA7A5XOZQvLIL2LsikZDb8l.IEDL0-1719004927-1.0.1.1-rW5JEtoeNVkUyexgrhw_g2jmml4k3DjB8kOM9yRnOPhk8RRDF3gA0qIvbVi5es05NaTiXGgzgeh59HYwiweyTJZ7UVX6DqumpFC7T2f.mx8yBlreLArZWw0jHh0UYAVV3WNDTfuFYA1yzddc1Nt2PJ_IVdIzpDtdwXbx_1ykpunoBJ6V3AkxPQI25euj5mCAkQkqfZ7bi_Fs7eJc5RNjWQ; report-to cf-zfcbistlalnzlzci
report-to: {"endpoints":[{"url":"\/cdn-cgi\/script_monitor\/report?m=AKlDM1XBc5MvZmkA7A5XOZQvLIL2LsikZDb8l.IEDL0-1719004927-1.0.1.1-rW5JEtoeNVkUyexgrhw_g2jmml4k3DjB8kOM9yRnOPhk8RRDF3gA0qIvbVi5es05NaTiXGgzgeh59HYwiweyTJZ7UVX6DqumpFC7T2f.mx8yBlreLArZWw0jHh0UYAVV3WNDTfuFYA1yzddc1Nt2PJ_IVdIzpDtdwXbx_1ykpunoBJ6V3AkxPQI25euj5mCAkQkqfZ7bi_Fs7eJc5RNjWQ"}],"group":"cf-zfcbistlalnzlzci","max_age":86400}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89770d5dff8871bf-FRA
content-length: 42

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
2 KB 80ms
79ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInVzZXJJZCI6IjE3MTkwMDQ5Mjc2MzkzMzQzNWU4MzBkLjA5NzM0MzUzIiwicGxhdGZvcm0iOiJ3ZWIiLCJvcmlnaW5hbFByaWNlIjowLCJvcmlnaW5hbEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkQ3VycmVuY3kiOiJNWVIiLCJjb252ZXJ0ZWRQcmljZSI6MCwic2Vzc2lvbklkIjoiWW5ONGNucHVaV1l0YmpkcU55MXJlR2hzTFc5d2QzRXRZWEF5TjNjeWVuYzVZamRsWHpFM01Ua3dNRFE1TWpnPSIsInNhbGVzU2VzSWQiOiIiLCJzYWxlc1Nlc1RpbWUiOiJ1bmRlZmluZWQtMTcxOTAwNDkyOCIsIm9yZGVySWQiOiIiLCJwYWlkUHJvZHVjdHMiOiJbXSIsImNhbXBJZCI6ImM1NTUiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=newstraitstimesmalaysia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri /cdn-cgi/script_monitor/report?m=4kuBBNEWMqLwgJnLCCR0lq7_hsop1h4onry5fvtrxwI-1719004927-1.0.1.1-EHitUXMESN1UceEPxZpiPhjkZf3fFWNL2rTeVaZpNXXW.vBHu9zgin6jKTknApzd6bnVE67_W_a49pQxx.vDVapp6R0n8h3wjboOt0Mk7yDiXuDq78l5rRd8ce4PSQBhu5y81ih.EmBjPExRc.WWDiOnXtajXww72KlxzOKXK3TpSib4cdTWjp3A0YYIim1zJmRDqrRzZO3bod4TzZAG5g; report-to cf-iqdqlwbjijmopdum
report-to: {"endpoints":[{"url":"\/cdn-cgi\/script_monitor\/report?m=4kuBBNEWMqLwgJnLCCR0lq7_hsop1h4onry5fvtrxwI-1719004927-1.0.1.1-EHitUXMESN1UceEPxZpiPhjkZf3fFWNL2rTeVaZpNXXW.vBHu9zgin6jKTknApzd6bnVE67_W_a49pQxx.vDVapp6R0n8h3wjboOt0Mk7yDiXuDq78l5rRd8ce4PSQBhu5y81ih.EmBjPExRc.WWDiOnXtajXww72KlxzOKXK3TpSib4cdTWjp3A0YYIim1zJmRDqrRzZO3bod4TzZAG5g"}],"group":"cf-iqdqlwbjijmopdum","max_age":86400}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89770d5e0f9671bf-FRA
content-length: 42

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=97598363&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&ul=de-de&de=UTF-8&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=%5BD%5D%20Clicks%20on%20Stories%20from%20SAY-impressions-custom&el=(builder%20ID%3A%208491)%20-%20Variation%20Ratio%3A%20100%25&_u=aHDACQAjBAAAAGAEC~&jid=&gjid=&cid=272305809.1719004926&tid=UA-1357345-6&_gid=1483325558.1719004926&gtm=45He46j0n71TF3NG6v71326797za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&tcfd=10001&npa=1&z=1277940686

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 05:41:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56460
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
2 KB 80ms
79ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5uc3QuY29tLm15L25ld3MvbnN0LXZpcmFsLzIwMjQvMDYvMTA2NTkzMi9uc3R2aXJhbC1wYW5pYy1scnQtcmlkZS10YWtlcy1wYXNzZW5nZXJzLXRocm91Z2gtaGVsbCIsInVzZXJJZCI6IjE3MTkwMDQ5Mjc2MzkzMzQzNWU4MzBkLjA5NzM0MzUzIiwicGxhdGZvcm0iOiJ3ZWIiLCJvcmlnaW5hbFByaWNlIjowLCJvcmlnaW5hbEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkQ3VycmVuY3kiOiJNWVIiLCJjb252ZXJ0ZWRQcmljZSI6MCwic2Vzc2lvbklkIjoiWW5ONGNucHVaV1l0YmpkcU55MXJlR2hzTFc5d2QzRXRZWEF5TjNjeWVuYzVZamRsWHpFM01Ua3dNRFE1TWpnPSIsInNhbGVzU2VzSWQiOiIiLCJzYWxlc1Nlc1RpbWUiOiJ1bmRlZmluZWQtMTcxOTAwNDkyOCIsIm9yZGVySWQiOiIiLCJwYWlkUHJvZHVjdHMiOiJbXSIsImNhbXBJZCI6ImM1MDgiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=newstraitstimesmalaysia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri /cdn-cgi/script_monitor/report?m=vhjIVUUTQD0lRaW_q7x5vIaX3DjWFT08m_PnRd_ViRY-1719004927-1.0.1.1-Rm04whBr_Bcutb393J0sdQxmGN41o6tp0AWs7uuwrzOuLVLZOc80xsn9_Ct1B4IvAl1Q14BF9xr3Z2GJRDvdZOlB9nsK0lzavI4_D0MfzqDInqkzrAoEsE_YI.P4dzNxedERp2FmXg8u0JryEG5t8AjreA3ELSuw3fATnBHLDNUADUcg8nvO30ZHdyCXREhhcuT_DRc80MurjoK9PjuV1Q; report-to cf-rdwzopceshymvawy
report-to: {"endpoints":[{"url":"\/cdn-cgi\/script_monitor\/report?m=vhjIVUUTQD0lRaW_q7x5vIaX3DjWFT08m_PnRd_ViRY-1719004927-1.0.1.1-Rm04whBr_Bcutb393J0sdQxmGN41o6tp0AWs7uuwrzOuLVLZOc80xsn9_Ct1B4IvAl1Q14BF9xr3Z2GJRDvdZOlB9nsK0lzavI4_D0MfzqDInqkzrAoEsE_YI.P4dzNxedERp2FmXg8u0JryEG5t8AjreA3ELSuw3fATnBHLDNUADUcg8nvO30ZHdyCXREhhcuT_DRc80MurjoK9PjuV1Q"}],"group":"cf-rdwzopceshymvawy","max_age":86400}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89770d5e0f9e71bf-FRA
content-length: 42

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=97598363&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&ul=de-de&de=UTF-8&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=%5BD%5D%20Clicks%20Tracking-impressions-custom&el=(builder%20ID%3A%206141)%20-%20Variation%20Ratio%3A%20100%25&_u=aHDACQAjBAAAAGAEC~&jid=&gjid=&cid=272305809.1719004926&tid=UA-1357345-6&_gid=1483325558.1719004926&gtm=45He46j0n71TF3NG6v71326797za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&tcfd=10001&npa=1&z=325608292

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 05:41:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56460
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st
imprammp.taboola.com/ Frame FD0A 0
0 50ms
50ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66630942&crid=6976096&dast=V9TmYCABYDABEu1bRZ0a3UBAARLtW0WdGt1AUAAAAABgYA9AcAJORYGRYL13CtWrgsa9HCYnNLTCuXW2RcLQwzh8e3GdmMAEACk5VttJyY1irPzLAWrWbOtXCyXK4VNottNHMNVrPJYgoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsA1tB0Onyue73u97vLPae7xu-2q51_ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLYDAAAAAMADAICaHBgEwA8gAEAEAAAAAIAEAAAAAAAFQEAFwL8FgMAFAAAAAAAGAMCCNI0GAAAUBwBCel6Ws99o9wcAAMBDBAgAAIAABgkAQIKAewkAgIzQ-wkAAAAAAAAAAAALwP___38MwAB-rYcMAAFBXXUPAMCDDwDAAxEAQAGMYREAIwAAAAAAqP8DtiOASQCdAFABWFQBAAAQpFsBAFwBAAAEQPK0Tp6HAQAAABiMASzQw-L3mx12jd_tMgAAAAAAAAAAADOA_zOAfzQAoSZXijQAIHuKPTWAX0AAgDWAX0AAADYAdQMAAHgDEIADCDoAglYMBqsDUIjdcLbYDTeDwewAAAAAAO4A_v____UAQGJlWk4cxtFgZNtYDMvhbOFwrkw2k8m2cowmg4X3AA7wGLkcU03A-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICazAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwIxtNfF4Nja3crKauUWT3catXC5sa91iMlxuNqvFZrJxi14f08k28412Ky8CBPruRXCRTiQv29tlcjp8lr_r8Ja7fJ_T5eE0fU5Pt8tzEUs0J4t0IhFLBKeLdCJ6GU8XsUTytEgnipHFt3EZNivfwmbcjFyj0cxh8UycI-NoZJmMdhOxRGm6SCd6ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLao_wjAgIO5ZLWa6-aKwXCVAAAAAAAAAAAAlgA2AQAAAAA4AQxqOVjtRssFALggltcF-LmsD9lQO53bBQhLOpSPx9MNPwbokJft7TI5HT7L33V4y12-z-nycJo-p6fb5bkyAMAFcTszwGYAzwAEsVarZQ0AAAAggA0AAAAQwA2gG4A3gIDzOg7w____vw8ANIVbL_zIlcIPUBCD4XCyfwAAAQqxVqvl88VarZZAwP___z9BAAAAAAAAgIpgQkCFAIMhWv5ulxcCAg!&cmcv=&pix=undefined&cb=1719004927678&uv=3406&tms=1719004927678&abt=adxsub-out_vA!adxsub-out_vB!pl157290-537_vB!tbt_loaf_fader!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=d1e01a58-5ae2-4abf-b4ee-d85a0fac73df&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 21 Jun 2024 21:22:07 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220101-FRA
x-timer: S1719004928.700413,VS0,VE10

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 90ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66630942&crid=6976096&dast=V9TmYCABYDABEu1bRZ0a3UBAARLtW0WdGt1AUAAAAABgYA9AcAJORYGRYL13CtWrgsa9HCYnNLTCuXW2RcLQwzh8e3GdmMAEACk5VttJyY1irPzLAWrWbOtXCyXK4VNottNHMNVrPJYgoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsA1tB0Onyue73u97vLPae7xu-2q51_ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLYDAAAAAMADAICaHBgEwA8gAEAEAAAAAIAEAAAAAAAFQEAFwL8FgMAFAAAAAAAGAMCCNI0GAAAUBwBCel6Ws99o9wcAAMBDBAgAAIAABgkAQIKAewkAgIzQ-wkAAAAAAAAAAAALwP___38MwAB-rYcMAAFBXXUPAMCDDwDAAxEAQAGMYREAIwAAAAAAqP8DtiOASQCdAFABWFQBAAAQpFsBAFwBAAAEQPK0Tp6HAQAAABiMASzQw-L3mx12jd_tMgAAAAAAAAAAADOA_zOAfzQAoSZXijQAIHuKPTWAX0AAgDWAX0AAADYAdQMAAHgDEIADCDoAglYMBqsDUIjdcLbYDTeDwewAAAAAAO4A_v____UAQGJlWk4cxtFgZNtYDMvhbOFwrkw2k8m2cowmg4X3AA7wGLkcU03A-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICazAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwIxtNfF4Nja3crKauUWT3catXC5sa91iMlxuNqvFZrJxi14f08k28412Ky8CBPruRXCRTiQv29tlcjp8lr_r8Ja7fJ_T5eE0fU5Pt8tzEUs0J4t0IhFLBKeLdCJ6GU8XsUTytEgnipHFt3EZNivfwmbcjFyj0cxh8UycI-NoZJmMdhOxRGm6SCd6ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLao_wjAgIO5ZLWa6-aKwXCVAAAAAAAAAAAAlgA2AQAAAAA4AQxqOVjtRssFALggltcF-LmsD9lQO53bBQhLOpSPx9MNPwbokJft7TI5HT7L33V4y12-z-nycJo-p6fb5bkyAMAFcTszwGYAzwAEsVarZQ0AAAAggA0AAAAQwA2gG4A3gIDzOg7w____vw8ANIVbL_zIlcIPUBCD4XCyfwAAAQqxVqvl88VarZZAwP___z9BAAAAAAAAgIpgQkCFAIMhWv5ulxcCAg!&cmcv=&pix=31589837&cb=1719004927678&uv=3406&tms=1719004927678&abt=adxsub-out_vA!adxsub-out_vB!pl157290-537_vB!tbt_loaf_fader!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1719004924885.8!ts:1719004927678&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-length: 0
server: nginx

GET
H2 200 sync
am-match.taboola.com/ Frame 7760 0
0 180ms
44ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V9TmYCABYDABEu1bRZ0a3UBAARLtW0WdGt1AUAAAAABgYA9AcAJORYGRYL13CtWrgsa9HCYnNLTCuXW2RcLQwzh8e3GdmMAEACk5VttJyY1irPzLAWrWbOtXCyXK4VNottNHMNVrPJYgoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsA1tB0Onyue73u97vLPae7xu-2q51_ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLYDAAAAAMADAICaHBgEwA8gAEAEAAAAAIAEAAAAAAAFQEAFwL8FgMAFAAAAAAAGAMCCNI0GAAAUBwBCel6Ws99o9wcAAMBDBAgAAIAABgkAQIKAewkAgIzQ-wkAAAAAAAAAAAALwP___38MwAB-rYcMAAFBXXUPAMCDDwDAAxEAQAGMYREAIwAAAAAAqP8DtiOASQCdAFABWFQBAAAQpFsBAFwBAAAEQPK0Tp6HAQAAABiMASzQw-L3mx12jd_tMgAAAAAAAAAAADOA_zOAfzQAoSZXijQAIHuKPTWAX0AAgDWAX0AAADYAdQMAAHgDEIADCDoAglYMBqsDUIjdcLbYDTeDwewAAAAAAO4A_v____UAQGJlWk4cxtFgZNtYDMvhbOFwrkw2k8m2cowmg4X3AA7wGLkcU03A-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICazAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwIxtNfF4Nja3crKauUWT3catXC5sa91iMlxuNqvFZrJxi14f08k28412Ky8CBPruRXCRTiQv29tlcjp8lr_r8Ja7fJ_T5eE0fU5Pt8tzEUs0J4t0IhFLBKeLdCJ6GU8XsUTytEgnipHFt3EZNivfwmbcjFyj0cxh8UycI-NoZJmMdhOxRGm6SCd6ucv3-cs9p7fsaXmY_ZLBZLQXzPaKwWy13Ez2cs_p9rQ8zG7Bw-70uMWW01vyNLncoofX5XkLHp7Py-5zWT5v0dHyd_2MbqHLbLao_wjAgIO5ZLWa6-aKwXCVAAAAAAAAAAAAlgA2AQAAAAA4AQxqOVjtRssFALggltcF-LmsD9lQO53bBQhLOpSPx9MNPwbokJft7TI5HT7L33V4y12-z-nycJo-p6fb5bkyAMAFcTszwGYAzwAEsVarZQ0AAAAggA0AAAAQwA2gG4A3gIDzOg7w____vw8ANIVbL_zIlcIPUBCD4XCyfwAAAQqxVqvl88VarZZAwP___z9BAAAAAAAAgIpgQkCFAIMhWv5ulxcCAg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 21 Jun 2024 21:22:07 GMT
machineid: 440101
server: nginx

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 70ms
70ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=UA-1357345-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-845503338

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9241ab98ce9d7ef4567965042ebed99289843d4d49245ab68d31e96868d3a1ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72734
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 21:22:07 GMT

GET
H3 200 ladi27_NSTfield_image_listing_featured_v2.var_1718815969.jpg
assets.nst.com.my/images/articles/ 26 KB
27 KB 83ms
81ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/ladi27_NSTfield_image_listing_featured_v2.var_1718815969.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a997a08d9ed8f3ff04f4a0eac9d05410a6177498a18d33b5950c17a69286a13

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 48357
cf-polished: qual=85, origFmt=jpeg, origSize=123484
x-guploader-uploadid: ACJd0Nos7BNbwEeM_-mKQfkfcmz97MNMZzHQ22RKym0ucEGZo-SZ7zGeOj5EPtxt06WbRqO1DiA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="ladi27_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27092
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Jun 2024 16:52:49 GMT
server: cloudflare
etag: "5d652bff7f865a8c17d7aae8ede5c2b6"
vary: Accept
x-goog-generation: 1718815969060534
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=SFl+rw==, md5=XWUr/3+GWowX16ro7eXCtg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 123484
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5e99a3bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 ladi18_NSTfield_image_listing_featured_v2.var_1718808607.jpg
assets.nst.com.my/images/articles/ 29 KB
30 KB 77ms
76ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/ladi18_NSTfield_image_listing_featured_v2.var_1718808607.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a73e59f50e76843a5631625e9a3b9a652f5aa3169b1d8523f1c28951a9ab3bf

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 47456
cf-polished: qual=85, origFmt=jpeg, origSize=252957
x-guploader-uploadid: ACJd0Nqujq1Zb-gjNke650bnPWnhDjm0m61_uPBUnrhMrRBxO3k4gsiZLFz3ki3Y9ZJvgPa3kuk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="ladi18_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 29882
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Jun 2024 14:50:08 GMT
server: cloudflare
etag: "b61fc72c6a17a00b797723748bcfdbb9"
vary: Accept
x-goog-generation: 1718808608033328
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=qpGcWw==, md5=th/HLGoXoAt5dyN0i8/buQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 252957
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5e99a4bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 ladi26_NSTfield_image_listing_featured_v2.var_1718815552.jpg
assets.nst.com.my/images/articles/ 27 KB
27 KB 121ms
120ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/ladi26_NSTfield_image_listing_featured_v2.var_1718815552.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394b64d13f7c7c08250d5280d9f971dda374c2c8d907a3e0d0757e857d4fd39b

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 188969
cf-polished: qual=85, origFmt=jpeg, origSize=43691
x-guploader-uploadid: ACJd0Nq3cffuChc_g05ZA_BDyfaKeZmVakopDAaGLEhuyKv90T7Kn2vUWyB5UjzncjgYCViZuUU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="ladi26_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27364
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Jun 2024 16:45:52 GMT
server: cloudflare
etag: "f4f196eb2c807226d2b2f440e58f96e8"
vary: Accept
x-goog-generation: 1718815552152002
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=y/4LAg==, md5=9PGW6yyAcibSsvRA5Y+W6A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 43691
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5e99a5bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 ladi20_NSTfield_image_listing_featured_v2.var_1718810949.jpg
assets.nst.com.my/images/articles/ 44 KB
45 KB 74ms
73ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/ladi20_NSTfield_image_listing_featured_v2.var_1718810949.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e3efa98bc7487490ae66f552f7cc19584a9e162d9a9827999e9250ea44f5b2

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 46943
cf-polished: qual=85, origFmt=jpeg, origSize=296214
x-guploader-uploadid: ACJd0NqGW29qgEHsspJKtdtOW5gso3F2IEoEnE50IrH5znbDxyyC7lltpLXieD7Gfr_9oC2zqDk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="ladi20_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 45242
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Jun 2024 15:29:09 GMT
server: cloudflare
etag: "0c5cfa4da2fef97d14fb41bf94d931d2"
vary: Accept
x-goog-generation: 1718810949750982
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=GAh8pQ==, md5=DFz6TaL++X0U+0G/lNkx0g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 296214
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5e99a7bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H3 200 ladi22_NSTfield_image_listing_featured_v2.var_1718811864.jpg
assets.nst.com.my/images/articles/ 56 KB
57 KB 80ms
79ms Image
image/webp 104.18.4.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.nst.com.my/images/articles/ladi22_NSTfield_image_listing_featured_v2.var_1718811864.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.28 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6d354c246a5fb9fc1fb03f20ba5c6ac6a00b9e2da4ed23b155b26715aa453a8

Security Headers

Name	Value
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
x-content-type-options: ALLOW
cf-cache-status: HIT
age: 188963
cf-polished: qual=85, origFmt=jpeg, origSize=102723
x-guploader-uploadid: ACJd0NoWh8qfjkT5VvICxVE0vMkHFqivT9_Q9MtG8w2Iszxtq9Uenjx2FYfNsEU-0kn2TWW0Tlv5_1UKmA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="ladi22_NSTfield_image_listing_featured_v2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 57260
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Jun 2024 15:44:24 GMT
server: cloudflare
etag: "9ddb54b130cd4003cb9d8e2782e91ac2"
vary: Accept
x-goog-generation: 1718811864112172
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=/M5wAQ==, md5=ndtUsTDNQAPLnY4ngukawg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 102723
x-frame-options: allow-from http://digital.nstp.com.my/
accept-ranges: bytes
cf-ray: 89770d5e99a9bf2a-WAW
expires: Fri, 21 Jun 2024 22:22:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=UA-1357345-6&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6063
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jun 2024 21:41:03 GMT

OPTIONS
H2 204 hb
hb.revid.my/ Frame 0
0 526ms
385ms Preflight
text/html 2606:4700::6812:9d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.revid.my/hb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nst.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.nst.com.my
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89770d5fd9041d92-FRA
content-type: text/html
date: Fri, 21 Jun 2024 21:22:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin, Access-Control-Request-Headers
via: 1.1 google, 1.1 google
x-cloud-trace-context: c0102e256cffd1810dec30fddd8b81b2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST hb
hb.revid.my/ 0
0

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
2 KB 102ms
92ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=qKy6LoBoyK_2OGNvVW5CmxsCb.KKLilIRJijYuON1O8-1719004927-1.0.1.1-pgqGuBXUemkAYB5BadE5tV8BR1FE6YR_CewL3O9oA.nwlFGgmNhaZ.QbIjE0lUbOil9noU4f6_ibOs5ZpanXrG9ZVvKx5.e2l088oukbIvFHRZFvEFsyxpeso2THlUawW2fyF.r2m3gK0KObLJPmSuAF9qJGXkDvX9UDZEzVYVmRKxDx4BvV7DjdIVDQupUO3JRhvT2YTZhVTu4AlAEJDw; report-to cf-zvyzsfibixmywzgw
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=qKy6LoBoyK_2OGNvVW5CmxsCb.KKLilIRJijYuON1O8-1719004927-1.0.1.1-pgqGuBXUemkAYB5BadE5tV8BR1FE6YR_CewL3O9oA.nwlFGgmNhaZ.QbIjE0lUbOil9noU4f6_ibOs5ZpanXrG9ZVvKx5.e2l088oukbIvFHRZFvEFsyxpeso2THlUawW2fyF.r2m3gK0KObLJPmSuAF9qJGXkDvX9UDZEzVYVmRKxDx4BvV7DjdIVDQupUO3JRhvT2YTZhVTu4AlAEJDw"}],"group":"cf-zvyzsfibixmywzgw","max_age":86400}
request-id: ec093eea-73dd-46b7-b5f3-9e52ab459ded
cf-ray: 89770d5f3e889118-FRA
content-length: 16

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
2 KB 89ms
89ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Jun 2024 21:22:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=5Qgebn1nWY2oMCThtnoCrbl5kUIkngCnccm.2IT5iRs-1719004927-1.0.1.1-wDxnHRAIgA5VjDDLVsi1GAgHj.hd4Xe2eUouAiR_VDUWyjpCNV2AZXzVT9Yts4DRm85ggmllDIVhbbnqbW3UmWUlSOeBny4AEbzyyJl.f2EzphYDyEesvz9rWwdNcWCzWEC.Z8p90UA.7mMogU2WHnDyS64lCGyTVdiCbg28g3FnPpE12Ay3ncmrOOjXeiYsFA4q2SOYT5j66SUTZKrHeg; report-to cf-tuzoplpcaddtftmw
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=5Qgebn1nWY2oMCThtnoCrbl5kUIkngCnccm.2IT5iRs-1719004927-1.0.1.1-wDxnHRAIgA5VjDDLVsi1GAgHj.hd4Xe2eUouAiR_VDUWyjpCNV2AZXzVT9Yts4DRm85ggmllDIVhbbnqbW3UmWUlSOeBny4AEbzyyJl.f2EzphYDyEesvz9rWwdNcWCzWEC.Z8p90UA.7mMogU2WHnDyS64lCGyTVdiCbg28g3FnPpE12Ay3ncmrOOjXeiYsFA4q2SOYT5j66SUTZKrHeg"}],"group":"cf-tuzoplpcaddtftmw","max_age":86400}
request-id: a5e3a43b-f3fc-4241-846f-9c44ce769a35
cf-ray: 89770d5f4e9c9118-FRA
content-length: 16

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
278 B 126ms
125ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.nst.com.my
Date: Fri, 21 Jun 2024 21:22:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 bulk Show response
trc.taboola.com/revmediagroup-newstraitstimes/log/3/ 0
338 B 89ms
89ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/revmediagroup-newstraitstimes/log/3/bulk?tvi48=-48&tvi50=10882&route=AM%3AAM%3AV&lti=trecs&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
date: Fri, 21 Jun 2024 21:22:08 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7389
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-etou8220159-FRA
pragma: no-cache
server: nginx
x-timer: S1719004928.118320,VS0,VE12
content-type: image/gif
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
713 B 40ms
39ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 21 Jun 2024 21:22:08 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 23348
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-etou8220159-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1719004928.213711,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 49840

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/845503338/ 3 KB
2 KB 53ms
53ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/845503338/?random=1719004928233&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-845503338

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

006d0d14c68750ad9ad59d74285636d53bddd1819412d9f83c3a8b173208f103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1704
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/845503338/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=syp...
https://www.google.com/pagead/1p-conversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&...
https://www.google.de/pagead/1p-conversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&t...

42 B
64 B

56ms
55ms

Image
image/gif

142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI-932sNDthgMVFUkdCR1_5AC8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLJgg-2TwPsrHHPqAEV1gdiunWBpc5_3LZfQf22IvhdUE8jv2x&random=3319945084&ipr=y

Protocol

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nst.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/845503338/?random=893088046&cv=11&fst=1719004928233&bg=ffffff&guid=ON&async=1&gtm=45be46j0v886581896za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&label=o7D8CN_ircIDEOq2lZMD&hn=www.googleadservices.com&frm=0&tiba=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&npa=1&pscdl=noapi&auid=422642575.1719004926&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI-932sNDthgMVFUkdCR1_5AC8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3Lm5zdC5jb20ubXkv&is_vtc=1&cid=CAQSKQDaQooLJgg-2TwPsrHHPqAEV1gdiunWBpc5_3LZfQf22IvhdUE8jv2x&random=3319945084&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
43ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=97598363&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&ul=de-de&de=UTF-8&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Views%20Tracker&ea=Seconds%20Views&el=5%20second%20Views&ev=0&_u=6HDACUAjBAAAAGAEK~&jid=&gjid=&cid=272305809.1719004926&tid=UA-1357345-6&_gid=1483325558.1719004926&gtm=45He46j0n71TF3NG6v71326797za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&tcfd=10001&npa=1&z=165399595

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 05:41:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56464
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
99 B 49ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-81X23X7WB2&gtm=45je46j0v9103255710z871326797za200zb71326797&_p=1719004925732&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=272305809.1719004926&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sid=1719004926&sct=1&seg=0&dl=https%3A%2F%2Fwww.nst.com.my%2Fnews%2Fnst-viral%2F2024%2F06%2F1065932%2Fnstviral-panic-lrt-ride-takes-passengers-through-hell&dt=%23NSTviral%3A%20Panic%20as%20LRT%20ride%20takes%20passengers%20%27through%20hell%27&_s=2&tfd=6863&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81X23X7WB2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.nst.com.my/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 21:22:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nst.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: podcast.mediaprimalabs.com
URL: https://podcast.mediaprimalabs.com/index.js

Domain: hb.revid.my
URL: https://hb.revid.my/hb

Verdicts & Comments Add Verdict or Comment

388 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.nst.com.my/news/nst-viral/2024/06/1065932	1969-12-31 23:59:59	Name: enableAds Value: no
.nst.com.my/	1970-01-20 21:30:06	Name: __cf_bm Value: dQ2tjaoz5gX1rUpSK0zniWwUYBNOoBQICcMQHWkdTZQ-1719004925-1.0.1.1-oVmI8yAC7VE1uH0waCuV5wXxmcO5.MKB5.0BW2MuSWx9sFKs1hmHyqn8lEbDWU3w9mEsIoVa2yIKuSbWSds3DQ
.nst.com.my/	1970-01-20 23:39:40	Name: _gcl_au Value: 1.1.422642575.1719004926
www.nst.com.my/	1969-12-31 23:59:59	Name: pageType Value: article
.criteo.com/	1970-01-21 06:51:40	Name: receive-cookie-deprecation Value: 1
.nst.com.my/	1970-01-20 23:39:40	Name: _fbp Value: fb.2.1719004926324.964181709799176569
.nst.com.my/	1970-01-20 21:31:31	Name: _gid Value: GA1.3.1483325558.1719004926
www.clarity.ms/	1970-01-21 06:15:40	Name: CLID Value: 10c219b2548f4bc3bef56dba9147e868.20240621.20250621
.nst.com.my/	1970-01-20 21:30:04	Name: _dc_gtm_UA-1357345-6 Value: 1
.nst.com.my/	1970-01-21 06:58:52	Name: _cb Value: B4186IBEZ6Y3C3C3Fs
.nst.com.my/	1970-01-21 06:58:52	Name: _chartbeat2 Value: .1719004926529.1719004926529.1.CgkmJMD_kusuB3u7SSBq90zTDXw-YX.1
.nst.com.my/	1970-01-20 21:30:06	Name: _cb_svref Value: external
www.nst.com.my/	1969-12-31 23:59:59	Name: enableAds Value: no
.nst.com.my/	1970-01-21 06:15:40	Name: _clck Value: 1vbliwq%7C2%7Cfmt%7C0%7C1633
.useinsider.com/	1970-01-20 21:30:06	Name: __cf_bm Value: vZNOrVJ4gHvKPAZcRdZKNvsCx1QLcCoYWm1oC48YgAU-1719004926-1.0.1.1-JXFnUrxCWkxfGoLJCZnOnzbHNdqlJfZf3i3Vpkn04tAYqZIbe43mBW9dB6HdSI.J0VeuYHdoG4taI5L9_KfPgg
.nst.com.my/	1970-01-21 07:06:04	Name: _ga_81X23X7WB2 Value: GS1.1.1719004926.1.0.1719004926.60.0.0
.nst.com.my/	1970-01-21 07:06:04	Name: _ga Value: GA1.3.272305809.1719004926
.doubleclick.net/	1970-01-21 06:51:40	Name: IDE Value: AHWqTUmJKy0OHdGd9lj4z2cPgz-VUif3zJ8_NnKW2sMThXm6Lf_TOY5wHax1rbUM
.bing.com/	1970-01-21 06:51:40	Name: MUID Value: 1493AFAE0E966C2D2BAABB0B0F3A6D0D
.c.bing.com/	1970-01-20 21:40:09	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:51:40	Name: SRM_B Value: 1493AFAE0E966C2D2BAABB0B0F3A6D0D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:51:40	Name: MUID Value: 1493AFAE0E966C2D2BAABB0B0F3A6D0D
.c.clarity.ms/	1970-01-20 21:40:09	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:30:05	Name: ANONCHK Value: 0
.region1.google-analytics.com/	1970-01-20 23:39:40	Name: ar_debug Value: 1
.nst.com.my/	1970-01-20 21:31:31	Name: _clsk Value: 1i55yo2%7C1719004927253%7C1%7C0%7Co.clarity.ms%2Fcollect
.nst.com.my/	1970-01-20 21:30:04	Name: _gat_UA-1357345-6 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1000
X-Content-Type-Options	ALLOW
X-Frame-Options	allow-from http://digital.nstp.com.my/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.teads.tv
ad-delivery.net
ad.doubleclick.net
ad.mediaprimaplus.com.my
ads.pubmatic.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.btloader.com
assets.nst.com.my
bcp.crwdcntrl.net
btloader.com
buttons-config.sharethis.com
c.bing.com
c.clarity.ms
carrier.useinsider.com
cdn.taboola.com
cds.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
hb.revid.my
heartbeat.mediaprimaplus.com.my
hit.api.useinsider.com
images.taboola.com
imprammp.taboola.com
l.sharethis.com
locationv2.api.useinsider.com
log.api.useinsider.com
mab.chartbeat.com
mp-bigdata.es.asia-southeast1.gcp.elastic-cloud.com
newstraitstimesmalaysia.api.useinsider.com
o.clarity.ms
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
platform-api.sharethis.com
platform-cdn.sharethis.com
podcast.mediaprimalabs.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
static.chartbeat.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tags.crwdcntrl.net
trc-events.taboola.com
trc.taboola.com
ut.pubmatic.com
vidstat.taboola.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.nst.com.my
hb.revid.my
podcast.mediaprimalabs.com
104.18.4.28
104.18.5.28
104.78.73.124
130.211.23.194
141.226.224.32
141.226.228.48
142.250.184.194
142.250.184.226
142.250.184.232
142.250.185.102
142.250.185.132
142.250.186.130
142.250.186.67
151.101.1.44
151.101.129.44
157.240.251.35
157.240.251.9
172.217.16.131
172.217.16.206
18.156.64.193
18.165.242.4
18.239.18.78
185.64.189.226
2001:4860:4802:32::36
216.58.212.142
23.32.224.239
2600:9000:225b:d400:1d:85c3:6640:93a1
2600:9000:2394:d000:18:1fcd:354:4b41
2600:9000:2729:800:c:abe:f440:93a1
2606:4700:10::6816:4bd8
2606:4700:20::ac43:4513
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6810:5049
2606:4700::6812:10d2
2606:4700::6812:51c
2606:4700::6812:9d6
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:801::200e
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9b
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::714
34.87.4.75
52.152.143.207
52.19.165.229
54.197.189.6
54.230.228.32
68.219.88.97
006d0d14c68750ad9ad59d74285636d53bddd1819412d9f83c3a8b173208f103
01223667ba7790734d38e4ad097ff53875bb15d25f021721fe361553a365a0bb
02d66da36fd78a6a7c74c4a049dd5ca2f918d94b810f00959815dbd8e2a7f407
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0560772a745172f82640079373826cd6acf25980519848de400ccb3359da20c3
0681e97e806a4985a44303cc0c27ae81454524cb04097d70b3420b8a59e9e266
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833
0926f1edc8a63320c653332c2577bdbad5999456aa9017acf8902a72ffe871b3
1114bda72b37d5ba9cc499f5261d3b63c116621e8f4fed75b77225a951d57f29
11fd42f60a17f097550a431f9156f12542e2916a77510b63bee66fe9d9ee2b03
127901a094d25099f4fe243d5536e6897a674fb96f0392223bf4933d45c09e73
12a4d8c651dafd0f200902ea15b70365e6b2107f56c126f705796b1d5ced6b80
164e25b728d69e104cff2679fdbe9f1bb302c63b0d48954316019b1901747bb0
16c655e2d9a706a8a0f109a5644ecfd4a200b16ca7734e25ea78573ef34cdce5
17162d49ee44bcc3d66d3ae380e017f5cc229493aa849453d983183c74fb0680
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e434abe78389e9fb6743f2e6d22f2a148c1ce1b357cd20449ccb1559f3022c8
20b3a4772cab89aae9425e1efa413919e210a013d0d147ddc1674cc2bc0929d3
20cf718d9a2ed698f16c418e124eacc5b429bccb6984112c999380a28af455da
213d6561fb5f92bf4ae10fbddfbb86003461d23394f297d8aa2589d64a9d7173
21fb3a46a5410b6155db87541340d3e9de41cd12fd00692d4e92f94c533a244c
2386f0f773fb35120222e056418c24c4993829b5f57d0e9f2ed7b17e7beb931b
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
24814a969a7644ab461e5bfea0e863b91c401fa85575da9048677151afc9b87b
24df275e07f79829e1a69afdfbf5453ace864534578837e1fa237d76d7c4753d
259ab3f91503d36a5b09f5283ba19f3f2e4330ec2bf951cafb6745b81c7c5342
28afc3a84532810f5907ffb4b3565ff46fa2b7ff20d5af6efb2f46d075c652e5
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2eb5e61cae897b70f29ed1ae87775f171cd4c40bbb1d337086443b9bde31090a
30bf806524022ea71d9a9fc524b7b572f38b97a27613e17542031a74f62644fb
336b818d1e24fd3353db49a4358fe03a8ec7cd8ce1e364ba947fd78f3d6b5cbb
33b4a953f51f1db2ff9cfaf28f2cfff3a2ea4f2bf8e9ba2f967a610c3ab2899e
364b1cd8e0f073cfdfe8e5af84684f28dfab5ab806b0f4c2501fb739f6849183
36a2542573bb16037c4ec284b228e30c356f71f3a088209ee8922909c8e98bfa
36a40717c9e66d212c9a11f312c0a2f56a77bf497b1214433d2c846175724e35
371f25037ab0f1d4c238ac8326ef9f3bba56299786f1b3acbce35d9962cd876e
38e9e5fdd5b94e5984d595cd002166d5bff0796b950927d00c13913d33c44262
394b64d13f7c7c08250d5280d9f971dda374c2c8d907a3e0d0757e857d4fd39b
39ad9e93ddba662a98a80d5bede81ff874fcad990ab38d3c47f00c0254787c52
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a7efde66e22853d02994c215a8fbbfbcdbfbfec3a7f22b4c637743b65451bcd
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
416ccb23505242b188f4bcea831b440f0ef0c3fc27a8ae6ecf4d3a0d554ed706
4325234993fd7fca892b655018e0f70a51582869cb038cfdebe0576bc4154fa8
4328a2279d1a2c600ac13eae36d1750da1ffa698c3daa53b46eee43d8f4e2b3b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6
4bad13c22c738c2b09ae700a54a63926c1b29fd70791edc1939e9f1304111419
4d28e7fde9ab0a000874ec882b08d4f54d2343c1072b6ce03f6d47888287d35b
51f53818eacca2a923cc3ebe11ed558a480681841253f1ba3a29cf29ce314390
544e7a4b62f2401fe27c744f5695c4a2c84bbebfa81981209e88b9a125809a22
5759f74c25aed3e193c0e79d7899158dfb65b5e64164361ad0cb2c09f23db29a
57fc1990989e95cf781015b16e7246b20ff096b29ef6c1fae031d106db99d8f0
5897129076752089d01127b22014f31d71f78bc74c297823eae08df185c0d83a
5b9d3aaf65468f0f2f8f9f20835ce829e7c7c3d3d7c500ba3d381a0d9ff3bfca
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
6369ed5dffb6ada7cb550878b932cd9a974b42fa2f94baf15678dc8425aa5e7d
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
64dbf2b9d02e098ba9a339e6b1cdab2cd938cfd13677b5c4172c176bc23f18f3
663d73e795012ea95da9b2401ef9674d7e612c5e826e9d80bfe0d826289efb43
66795560d3f49f2a89e296eaaa8c79d25581dad4531611683207409973ae70c2
6717a0d63fb9f05b2ec8d7b64c40ccf92769f2ee940b17b7691b1a2741f12db8
68fab4c3ca76c9b4af93f981ca4e2b104a4c5e162765087649afc460c6589602
6a73e1bd815396a8050c245ca195d72fbd687528a8ee214b5b3604eea5d9840f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c882583ca18b5e8a83982f3fbfead8982638ddc44b5a571591e5a86debab023
6c9aff5b52742803a1a46ddc9f332dc79d7bf3429f32d184f929d809d032d6e1
6ed7b388f4d1c08b88cb7625d5338bd641be610c1676980ef3413a65f8307ccf
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
724a74d42f16c8ebec9346cd53593b9f32059b499473a8938bb7d5ec964c616f
730292af006c08a85645959b5c6e0f2d7c02d779c228626df1d20d0c693cde15
73c3586bcb65622fb069a698756b5302981b05fa5623f47f38d001f9f591453a
75932962593d42a9de6322fe349066fad1f7ae792eeb4c05bcc4a68fb0e19762
762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
783b5c486cc38a6049a49b3098f92752a7d0a22041fb111b78962a089f48f285
794fd6e8fd3e9efba6728cbb7729e6245036343d96cc9241a747e4f1f6fa92c7
7a73e59f50e76843a5631625e9a3b9a652f5aa3169b1d8523f1c28951a9ab3bf
7c8c7a8a4c559e6a625f67f105b7f226973b5810861e1c1d985325b3c06c9ac7
7cee74aa6741401333a88a5e506360627999e4a298f3e03cf978a4e97497b3dc
7e233b50793fa7439ab4d682ca26652341687d50278fc435f4878706812c2dda
7fdafb36f6618424a5130b2b045d22f2b37fd35c312697d20003c025edecffee
7ff58d0a1ca3136c8dd4c643f5a3df4bca6d0941b6a1e610c80924323fa346da
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82e5f89db70b6d0ecc31b5b472ba5b029f46d37f0efb43a051ee4b637a688390
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
888418ce4f0ed190174820173aa25934ef8b60c062626727cf57784eec9ab148
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a997a08d9ed8f3ff04f4a0eac9d05410a6177498a18d33b5950c17a69286a13
8d6be6eecf46c8be1a03339416200243d0c66be6b3fb207bed5b83015e531d40
8f584b0768763b8798537762d7db42355b719d6161d37704548cd5fcd934a7f3
90dc03f0cf6c32e4cecb528cb55f7ffb92b77048b8a9c9ac58226027834b4de0
90e901fbbc352c09a20013f5e984159ab7373e9695dcc4d3569a589c99a6c67b
921e931d131b3e5df4cd700f147992c745398d7503938a1e73742fc0642a0a22
922fd3b59f984f0cef887aec1f77060ca4cc20d9e521902bf25ab1ecd887b00d
9241ab98ce9d7ef4567965042ebed99289843d4d49245ab68d31e96868d3a1ad
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95041d5366989a0ed1304624d63355eb7483821b62893ce9315ee96802e213b4
95a3996914459858c0809a519a69adf1c0b08b6fd79bdff4cf3a3dc2434ad335
95dce4f3bae0c8c87a1d74cf0212a1f205535a05ec2ea9d6199e5e876861d753
97ce8b766c7dc15d080e093d6f2199a830fe8fd55fb798b8a1d4c0f583cece04
97d2e526292f5af90a2773eac7c74907ac27d67473b8cb64612e28ad45a6a3c0
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e3efa98bc7487490ae66f552f7cc19584a9e162d9a9827999e9250ea44f5b2
9a955f121bdfaca7819a2edd117801f048b4966496cc043188711f50eca23880
9c556f9d3641830200b35038bf7df0f8485602111032cc186fc35d912dd63eee
a27b51f0f695fb3a45828855e1c3699fbbbd6f2423c6be13380649dc2d46b052
a96845ced1367c129411e6a870126f316702a8b8a31e7162a4a47355b3264a2f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
ab6663c7bff04184721347a81cc38748e173b12f44737270331a8d5930cb8f06
afd146370354db9e3469036cff6b86e485aeea7dc325e735439cf5921859c255
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2ef79fd7b05000bfb5c0175224fbd3a5428baccc438a8eddef4a52745751b3d
b52de70853ed4bac82f0c4cc5d6c7da8d588de61d97e8c30b99e40eefcde5a44
b995cd44d74c6ed0db1ed16d7650d33109b5fc50902ff44eaced2429f53ba1a5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c023cfab099cb5223a5943d6f711858b4c8a598291b42a9f97f163af2a91d9d3
c0e659cd697a16b25a9e3302a599e98f454e45dc5ea20becde52e3db469a2120
c170c9ea93e182c54e85defd549ca6c05c371ef7c47880911eaf8f5e75054e25
c63a81a573144371e8b67858025def42f1c1a641cf04c654e8ca48d911828c26
c6b09a57da998ffa35150ebb61ded622d790c12a83d49dbe8c39730842add77c
c71401ee292bb12136017228505f05856ac76e800fadee1e758462959ff9d2d4
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca36f873de4179ff98881f5ffe29fab13c4a0327bc5539347bb4d671609b156d
ca8e40fe631f4f2f7ae06953c4c47c5c505bbe92cce8647185dd8722ce51a1a4
caca0ad15d602cbfdf4db636d9048bafb67e96ea6a414c956e0020265d45aadc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf209e14026261377324dcbd59c635bb682dd5dcc4b4e55393022a1d76590be
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068
d36f5f47bc353cee74bc88ebc2b1ecf97de2f0de394a6a60478c975c3e793b93
d5236d4fd7724371f395de35bdc8e51d46f8bb37da4c0a177b4cf096901811ac
d77a5d2bf592ed849de44c149dd6cffbfcd2f41b4fd126142f3b2a4605744278
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258
dc1cbbea1c81b64091090366bdc01c4766c81a34f96c258bbfde112674cb1354
dd1f2cb5340e9688c37d736224888f5a010e460bfff92d0e2140e71cb4bf7d70
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df23d2add48a1050a06835ec7001ea1b2a7d62ca1a011accbd7a1b96ed581c53
e033562ad304266f55c085f02062ed357fa363096f1ad154bc3382d32b9a40c9
e1e83cc013eb71ef45517a46937e76ac0be3c0b2cc3affea211787cfff465c76
e291baf1ca3347fb6481fc3e7c32210ba1f9d18cc9926ef2083d021ba8ad1ebd
e37e0394ab43e6c9290de01c8b0ebdad8aab18230215211e6d84129de22f3bac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e431b90e5caf941cff2dc48cd72842dde4d48dd23002721ab88fb57ce3c88e50
e6d354c246a5fb9fc1fb03f20ba5c6ac6a00b9e2da4ed23b155b26715aa453a8
e972c8e4156221a6350a490c3148c9449555491b62d053724ade58f94cf885e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef656f7451def5d394d2784e70de4774c09af329574bb5be4ddb7eeb1ac6ff6c
f0e97bde738452ae5ad171ff4237291dfc7fe9a58d28337af67f93af9e5bca28
f30f6d693df2d7b86700b7e2e60987e86ab144be9031b494c335032640bd856f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8526bce51aeb0735d7a81de036966d243f2b62e07537a5ed3c403709bfe7ccc
f8c0429c332f0e605f926be57d4bca19f7c1e62dd4e5a34fb733b4f15b8ad87d
f8d376e82a994285cc5382ac74d502fa36b999572b352c1a5438026e18a50f79
f8fe5695e0df651c950aa8763afbce6ddf9db154fb8e4399e0414b10024b697f
f97cbca421d56ec20af20d2aff7f4395d7253604196698153c4fcfc27220702c
f99a9d532ec496f046853e80d4f94aefa03d511c25a7ffc262379690bf5f4ae0
fadd9372d97ec00c15f8b51add6a2558706a2544486375b003bf48aa59d6ad86
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

www.nst.com.my Open in urlscan Pro 2606:4700::6812:51c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

289 Requests

98 %HTTPS

45 %IPv6

32 Domains

65 Subdomains

54 IPs

10 Countries

6577 kBTransfer

13465 kBSize

28 Cookies

37 Outgoing links

Redirected requests

289 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nst.com.my Open in urlscan Pro
2606:4700::6812:51c Public Scan

Screenshot
Live screenshot

Full Image

289
Requests

98 %
HTTPS

45 %
IPv6

32
Domains

65
Subdomains

54
IPs

10
Countries

6577 kB
Transfer

13465 kB
Size

28
Cookies

289 HTTP transactions
0 data transactions