urlscan.io logo urlscan.io
SecurityTrails logo

www.nst.com.my Open in urlscan Pro
104.18.12.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Submission: On October 26 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 72 IPs in 10 countries across 55 domains to perform 292 HTTP transactions. The main IP is 104.18.12.80, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nst.com.my.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 31st 2021. Valid for: a year.
This is the only time www.nst.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 104.18.12.80 13335 (CLOUDFLAR...)
21 142.250.186.138 15169 (GOOGLE)
1 104.16.95.65 13335 (CLOUDFLAR...)
4 2.16.186.10 20940 (AKAMAI-ASN1)
2 2.18.234.190 16625 (AKAMAI-AS)
8 104.75.88.126 16625 (AKAMAI-AS)
1 104.18.18.113 13335 (CLOUDFLAR...)
1 13.225.78.37 16509 (AMAZON-02)
4 142.250.185.99 15169 (GOOGLE)
5 2.18.233.180 16625 (AKAMAI-AS)
1 216.58.212.136 15169 (GOOGLE)
2 52.209.129.133 16509 (AMAZON-02)
2 178.250.2.146 44788 (ASN-CRITE...)
2 142.250.185.226 15169 (GOOGLE)
6 172.217.16.142 15169 (GOOGLE)
2 142.250.185.66 15169 (GOOGLE)
2 13.224.190.164 16509 (AMAZON-02)
1 9 13.225.78.101 16509 (AMAZON-02)
4 157.240.20.19 32934 (FACEBOOK)
2 104.212.67.232 8075 (MICROSOFT...)
1 2.18.235.40 16625 (AKAMAI-AS)
1 2.18.232.28 16625 (AKAMAI-AS)
16 172.217.23.98 15169 (GOOGLE)
3 104.17.171.114 13335 (CLOUDFLAR...)
1 13.224.196.32 16509 (AMAZON-02)
1 151.101.66.202 54113 (FASTLY)
10 20.188.98.74 8075 (MICROSOFT...)
1 2 142.250.186.130 15169 (GOOGLE)
1 74.125.133.155 15169 (GOOGLE)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 204.79.197.200 8068 (MICROSOFT...)
2 50.16.211.97 14618 (AMAZON-AES)
1 54.86.215.174 14618 (AMAZON-AES)
1 13.225.84.38 16509 (AMAZON-02)
1 142.250.184.234 15169 (GOOGLE)
1 13.224.196.43 16509 (AMAZON-02)
1 104.26.4.103 13335 (CLOUDFLAR...)
4 104.16.85.20 13335 (CLOUDFLAR...)
1 13.225.78.13 16509 (AMAZON-02)
1 2 185.94.180.125 35220 (SPOTX-AMS)
3 142.250.186.100 15169 (GOOGLE)
5 104.18.19.238 13335 (CLOUDFLAR...)
11 185.64.189.112 62713 (AS-PUBMATIC)
5 184.31.84.150 16625 (AKAMAI-AS)
8 185.33.223.178 29990 (ASN-APPNEX)
6 185.86.138.32 201081 (SMARTADSE...)
8 35.244.159.8 15169 (GOOGLE)
3 70.42.32.159 22075 (AS-OUTBRAIN)
1 151.101.114.132 54113 (FASTLY)
6 157.240.20.35 32934 (FACEBOOK)
2 172.217.16.130 15169 (GOOGLE)
1 142.250.185.161 15169 (GOOGLE)
1 104.17.168.114 13335 (CLOUDFLAR...)
2 104.17.169.114 13335 (CLOUDFLAR...)
3 151.101.193.108 54113 (FASTLY)
3 2.18.234.21 16625 (AKAMAI-AS)
3 20.84.22.197 8075 (MICROSOFT...)
8 104.16.18.94 13335 (CLOUDFLAR...)
2 2.16.186.27 20940 (AKAMAI-ASN1)
1 142.250.185.134 15169 (GOOGLE)
3 7 77.88.21.119 13238 (YANDEX)
5 142.250.186.129 15169 (GOOGLE)
5 142.250.185.98 15169 (GOOGLE)
1 54.36.109.47 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 76.223.111.131 16509 (AMAZON-02)
1 2 149.5.244.199 174 (COGENT-174)
10 185.64.189.226 62713 (AS-PUBMATIC)
5 13.107.213.45 8068 (MICROSOFT...)
1 69.16.175.10 20446 (HIGHWINDS3)
1 216.58.212.142 15169 (GOOGLE)
1 13.76.245.96 8075 (MICROSOFT...)
292 72
40    104.18.12.80 (United States)

ASN13335 (CLOUDFLARENET, US)
www.nst.com.my
assets.nst.com.my
21    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
1    104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    2.16.186.10 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
player.ivideosmart.com
2    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
8    104.75.88.126 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
1    104.18.18.113 (United States)

ASN13335 (CLOUDFLARENET, US)
podcast.mediaprimalabs.com
1    13.225.78.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net
tags.crwdcntrl.net
4    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
5    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    216.58.212.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net
www.googletagmanager.com
2    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googletagservices.com
6    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
2    13.224.190.164 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-190-164.fra2.r.cloudfront.net
static.chartbeat.com
9    13.225.78.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net
sb.scorecardresearch.com
3001496-new-straits-times.cf.ivideosmart.com
4    157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
2    104.212.67.232 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: zrhr3.msedge.net
www.clarity.ms
1    2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    2.18.232.28 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
16    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
3    104.17.171.114 (United States)

ASN13335 (CLOUDFLARENET, US)
newstraitstimesmalaysia.api.useinsider.com
log.api.useinsider.com
1    13.224.196.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-32.fra2.r.cloudfront.net
ob.cheqzone.com
1    151.101.66.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
10    20.188.98.74 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api.vodus.com
vodus-api-serverless.azurewebsites.net
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
1    74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net
stats.g.doubleclick.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
2    50.16.211.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-211-97.compute-1.amazonaws.com
obs.cheqzone.com
1    54.86.215.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-215-174.compute-1.amazonaws.com
ping.chartbeat.net
1    13.225.84.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-38.fra2.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
1    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
imasdk.googleapis.com
1    13.224.196.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-43.fra2.r.cloudfront.net
hdrbd.ivstracker.net
1    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
4    104.16.85.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    13.225.78.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-13.fra2.r.cloudfront.net
ivxplayer.ivideosmart.com
2    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
5    104.18.19.238 (United States)

ASN13335 (CLOUDFLARENET, US)
images.says.com
11    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    184.31.84.150 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
8    185.33.223.178 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
8    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
mediaprima-d.openx.net
eu-u.openx.net
3    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
1    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
6    157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
adservice.google.com
1    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com
1    104.17.168.114 (United States)

ASN13335 (CLOUDFLARENET, US)
location.api.useinsider.com
2    104.17.169.114 (United States)

ASN13335 (CLOUDFLARENET, US)
segment.api.useinsider.com
hit.api.useinsider.com
3    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
3    20.84.22.197 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
f.clarity.ms
8    104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2.16.186.27 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-27.deploy.static.akamaitechnologies.com
p-events.ivideosmart.com
1    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
s0.2mdn.net
7    77.88.21.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
5    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
tpc.googlesyndication.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
1    54.36.109.47 (Germany)

ASN16276 (OVH, FR)
PTR: p02.id5-sync.com
id5-sync.com
1    34.120.133.55 (United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    76.223.111.131 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    149.5.244.199 (Helsinki, Finland)

ASN174 (COGENT-174, US)
mc.webvisor.org
10    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
5    13.107.213.45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
voduscdn.azureedge.net
1    69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
code.jquery.com
1    216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net
apis.google.com
1    13.76.245.96 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
vodus.my
Apex Domain
Subdomains		 Transfer
40 nst.com.my
www.nst.com.my
assets.nst.com.my
2 MB
26 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
t.pubmatic.com
114 KB
22 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
134 KB
19 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
250 KB
13 ivideosmart.com
player.ivideosmart.com
ivxplayer.ivideosmart.com
p-events.ivideosmart.com
3001496-new-straits-times.cf.ivideosmart.com
559 KB
11 googlesyndication.com
7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
136 KB
11 adnxs.com
ib.adnxs.com
acdn.adnxs.com
6 KB
8 cloudflare.com
cdnjs.cloudflare.com
36 KB
8 openx.net
mediaprima-d.openx.net
eu-u.openx.net
2 KB
7 yandex.ru
mc.yandex.ru
3 KB
7 vodus.com
api.vodus.com
82 KB
7 clarity.ms
www.clarity.ms
c.clarity.ms
f.clarity.ms
24 KB
7 addthis.com
s7.addthis.com
m.addthis.com
api-public.addthis.com
218 KB
6 facebook.com
www.facebook.com
683 B
6 smartadserver.com
prg.smartadserver.com
10 KB
6 google.com
www.google.com
adservice.google.com
apis.google.com
22 KB
6 useinsider.com
newstraitstimesmalaysia.api.useinsider.com
location.api.useinsider.com
segment.api.useinsider.com
log.api.useinsider.com
hit.api.useinsider.com
91 KB
6 google-analytics.com
www.google-analytics.com
40 KB
5 azureedge.net
voduscdn.azureedge.net
51 KB
5 casalemedia.com
htlb.casalemedia.com
2 KB
5 says.com
images.says.com
653 KB
4 jsdelivr.net
cdn.jsdelivr.net
145 KB
4 facebook.net
connect.facebook.net
288 KB
4 gstatic.com
fonts.gstatic.com
67 KB
4 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
mcdp-nydc1.outbrain.com
78 KB
3 azurewebsites.net
vodus-api-serverless.azurewebsites.net
2 KB
3 indexww.com
js-sec.indexww.com
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
21 KB
3 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
33 KB
3 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
id.crwdcntrl.net
17 KB
2 webvisor.org
mc.webvisor.org
737 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 googleadservices.com
www.googleadservices.com
16 KB
2 googletagservices.com
www.googletagservices.com
64 KB
2 criteo.com
gum.criteo.com
626 B
1 vodus.my
vodus.my
655 B
1 jquery.com
code.jquery.com
66 KB
1 adsrvr.org
match.adsrvr.org
543 B
1 rlcdn.com
api.rlcdn.com
328 B
1 id5-sync.com
id5-sync.com
532 B
1 2mdn.net
s0.2mdn.net
17 KB
1 aralego.net
cdn.aralego.net
1 KB
1 ivstracker.net
hdrbd.ivstracker.net
87 KB
1 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
13 KB
1 chartbeat.net
ping.chartbeat.net
201 B
1 bing.com
c.bing.com
552 B
1 addthisedge.com
v1.addthisedge.com
703 B
1 moatads.com
z.moatads.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
65 KB
1 mediaprimalabs.com
podcast.mediaprimalabs.com
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
0 aralego.com Failed
sync.aralego.com Failed
0 nstp.com.my Failed
mpdrec.nstp.com.my Failed
292 55
Domain Requested by
29 assets.nst.com.my www.nst.com.my
assets.nst.com.my
21 fonts.googleapis.com www.nst.com.my
assets.nst.com.my
voduscdn.azureedge.net
16 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.nst.com.my
11 hbopenbid.pubmatic.com ads.pubmatic.com
11 www.nst.com.my www.nst.com.my
assets.nst.com.my
static.cloudflareinsights.com
10 t.pubmatic.com ads.pubmatic.com
8 cdnjs.cloudflare.com player.ivideosmart.com
assets.nst.com.my
api.vodus.com
8 ib.adnxs.com ads.pubmatic.com
7 mc.yandex.ru 3 redirects www.nst.com.my
cdn.jsdelivr.net
7 api.vodus.com www.googletagmanager.com
www.nst.com.my
api.vodus.com
assets.nst.com.my
6 3001496-new-straits-times.cf.ivideosmart.com cdn.jsdelivr.net
6 www.facebook.com www.nst.com.my
6 prg.smartadserver.com ads.pubmatic.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.nst.com.my
5 voduscdn.azureedge.net api.vodus.com
assets.nst.com.my
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.nst.com.my
tpc.googlesyndication.com
www.googletagservices.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 mediaprima-d.openx.net ads.pubmatic.com
5 htlb.casalemedia.com ads.pubmatic.com
5 images.says.com
5 ads.pubmatic.com www.nst.com.my
ads.pubmatic.com
4 cdn.jsdelivr.net player.ivideosmart.com
api.vodus.com
4 connect.facebook.net www.nst.com.my
connect.facebook.net
4 fonts.gstatic.com fonts.googleapis.com
4 player.ivideosmart.com www.nst.com.my
player.ivideosmart.com
3 vodus-api-serverless.azurewebsites.net api.vodus.com
assets.nst.com.my
3 api-public.addthis.com s7.addthis.com
3 f.clarity.ms www.clarity.ms
3 eu-u.openx.net ads.pubmatic.com
3 js-sec.indexww.com ads.pubmatic.com
3 acdn.adnxs.com ads.pubmatic.com
3 www.google.com tpc.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects www.nst.com.my
3 s7.addthis.com www.nst.com.my
s7.addthis.com
2 mc.webvisor.org 1 redirects www.nst.com.my
2 p-events.ivideosmart.com player.ivideosmart.com
2 adservice.google.com securepubads.g.doubleclick.net
2 log.outbrainimg.com widgets.outbrain.com
2 sync.search.spotxchange.com 1 redirects
2 obs.cheqzone.com ob.cheqzone.com
2 c.clarity.ms 1 redirects
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 newstraitstimesmalaysia.api.useinsider.com www.googletagmanager.com
newstraitstimesmalaysia.api.useinsider.com
2 www.clarity.ms www.nst.com.my
www.clarity.ms
2 static.chartbeat.com www.googletagmanager.com
www.nst.com.my
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.googletagservices.com www.nst.com.my
securepubads.g.doubleclick.net
2 gum.criteo.com ads.pubmatic.com
1 vodus.my assets.nst.com.my
1 apis.google.com assets.nst.com.my
1 code.jquery.com api.vodus.com
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 s0.2mdn.net imasdk.googleapis.com
1 hit.api.useinsider.com newstraitstimesmalaysia.api.useinsider.com
1 log.api.useinsider.com
1 segment.api.useinsider.com newstraitstimesmalaysia.api.useinsider.com
1 location.api.useinsider.com newstraitstimesmalaysia.api.useinsider.com
1 7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 odb.outbrain.com widgets.outbrain.com
1 ivxplayer.ivideosmart.com player.ivideosmart.com
1 cdn.aralego.net player.ivideosmart.com
1 hdrbd.ivstracker.net player.ivideosmart.com
1 imasdk.googleapis.com player.ivideosmart.com
imasdk.googleapis.com
1 d2wy8f7a9ursnm.cloudfront.net player.ivideosmart.com
1 ping.chartbeat.net
1 c.bing.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 mab.chartbeat.com static.chartbeat.com
1 ob.cheqzone.com widgets.outbrain.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 widget-pixels.outbrain.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 z.moatads.com s7.addthis.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 www.googletagmanager.com www.nst.com.my
1 tags.crwdcntrl.net www.nst.com.my
1 podcast.mediaprimalabs.com www.nst.com.my
1 widgets.outbrain.com www.nst.com.my
1 static.cloudflareinsights.com www.nst.com.my
0 sync.aralego.com Failed cdn.aralego.net
0 mpdrec.nstp.com.my Failed assets.nst.com.my
292 86

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
nst.com.my
Cloudflare Inc ECC CA-3		 2021-08-31 -
2022-08-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
player-objects.ivideosmart.com
R3		 2021-08-18 -
2021-11-16		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
mediaprimalabs.com
Cloudflare Inc ECC CA-3		 2021-08-30 -
2022-08-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-04 -
2021-11-02		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-01 -
2022-06-01		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2021-09-20 -
2022-09-19		 a year crt.sh
*.cheqzone.com
Amazon		 2021-02-21 -
2022-03-22		 a year crt.sh
api.vodus.com
R3		 2021-09-20 -
2021-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
c.msn.com
Microsoft Azure TLS Issuing CA 02		 2021-06-27 -
2022-06-22		 a year crt.sh
obs.cheqzone.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.ivstracker.net
Amazon		 2020-12-26 -
2022-01-24		 a year crt.sh
*.ivideosmart.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.cf.ivideosmart.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
mc.webvisor.com
Yandex CA		 2021-08-20 -
2022-02-11		 6 months crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 01		 2021-10-03 -
2022-09-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 02		 2021-07-07 -
2022-07-07		 a year crt.sh
vodus.my
R3		 2021-08-16 -
2021-11-14		 3 months crt.sh

This page contains 27 frames:

Primary Page: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Frame ID: 571E4847CE1D2D1328C46DED9962C801
Requests: 267 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9D296C9E17290276E30665B0F8D33F79
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C031C6D0A8499797C0ED6176407436BD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: C37798BCEB01DFEADF79CF378525EDF9
Requests: 2 HTTP requests in this frame

Frame: https://newstraitstimesmalaysia.api.useinsider.com/worker-new.html
Frame ID: 676AB109E668BCCADBD5352BF2131278
Requests: 1 HTTP requests in this frame

Frame: https://7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC63A49F0B1F18819DBEFAC936265FA6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E085C9981852F05E92717F8261D9108
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 39082B65ABB2643BBC6AF5BCAAC3E5E8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 66BFBF3C1702858F8B69F329E8338958
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ACEEF9390045FEFD2CFE3588D9A9F7D6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E82F20D854CCCF55D7D39786AA782F12
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
Frame ID: 90F23435933D92BB7B22434D543AA21F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 39B00091730910E65B28FEFDB218E769
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7B4222E154BC52BDADBFB6D65C2A96DE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BA1498C50A655A90ACA4BB9613F1A32F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
Frame ID: CCF14F851D2C47220774776A7FBEDD46
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 05F707413E29DD13B5E9E4F848A25B81
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
Frame ID: 2E010601D240B8E44282F71B259F6F59
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9F44F88D4AA27CAC657126E0C8C851CB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Frame ID: F8188A9FB3641DA184DBC31819A55D7A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8130E5F30A7449029024E61579645185
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 647A6DEC57B68E80A641634B991A10AB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 213AC65BB458BCCD7072C86CE0F709CD
Requests: 2 HTTP requests in this frame

Frame: https://api.vodus.com/thirdparty-cookie-check-complete.html
Frame ID: 06595ADD0ECE14F7EEB32213DBAC821C
Requests: 2 HTTP requests in this frame

Frame: https://api.vodus.com/v1/token/serverless?partnerCode=
Frame ID: 0346AD2AC3F9C7EFE121E2FD47724B7C
Requests: 2 HTTP requests in this frame

Frame: https://vodus.my//token/create-temporary-points?token=eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
Frame ID: C42C19A385639A0D01F5748202DD6D67
Requests: 1 HTTP requests in this frame

Frame: https://api.vodus.com//v1/token/sync?token=eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
Frame ID: C30EB699BB7F658B903F79A55F35BBB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • <meta[^>]*google-signin-scope
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /fingerprintjs@(\d)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

292
Requests

98 %
HTTPS

0 %
IPv6

55
Domains

86
Subdomains

72
IPs

10
Countries

5460 kB
Transfer

11470 kB
Size

77
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&ns__t=1635226124098&ns_c=UTF-8&cv=3.5&c8=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&c7=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1635226124098&ns_c=UTF-8&cv=3.5&c8=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&c7=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&c9=
Request Chain 75
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=F5DF8D5480E54E73843D8FEAB43062D7&RedC=c.clarity.ms&MXFR=212590E0977060BE1425803C93706EB0 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=F5DF8D5480E54E73843D8FEAB43062D7&MUID=004281E472716277313491387333634D
Request Chain 89
  • https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=96808471-361d-11ec-a063-1ee5b9e10306
Request Chain 94
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=1360627484&cv=9&fst=1635226124222&num=1&value=0&label=rqiqCNqRqtsCEOq2lZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&tiba=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&auid=967178468.1635226124&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=DJJ3Yd_GHJKtgAeLm4KACQ&sscte=1&crd=&eitems=ChEI8KvZiwYQo-KzneXrytuMARIdAAU0I5V4wPkxYfthkw4-hiJlk0zvRwrZFDhzsQo HTTP 302
  • https://www.google.com/pagead/1p-conversion/845503338/?random=1360627484&cv=9&fst=1635226124222&num=1&value=0&label=rqiqCNqRqtsCEOq2lZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&tiba=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&auid=967178468.1635226124&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DJJ3Yd_GHJKtgAeLm4KACQ&cid=CAQSKQCNIrLMulWgWb6yFhyAUTpFJfunAX6zERObSeczTzdHDdCR2fmBgSUe&eitems=ChEI8KvZiwYQo-KzneXrytuMARIdAAU0I5VP7M9mT-uPzRsBt8LOjphSG0v5EQPb7oo&random=3821253805&resp=GooglemKTybQhCsO
Request Chain 189
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A8729165474%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A660572560%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Ast%3A1635226126&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A8729165474%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A660572560%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Ast%3A1635226126&t=gdpr%2814%29ti%282%29
Request Chain 190
  • https://mc.yandex.ru/watch/49007009?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A294707275812%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A528232888%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635226126%3At%3ARussian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A294707275812%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A528232888%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635226126%3At%3ARussian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&t=gdpr%2814%29ti%282%29
Request Chain 224
  • https://mc.webvisor.org/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9438.64QX4h12bhtW1zd124BXTp_OkAEpPJoWHWYX_gtncGCHn0PSmLhKOdgDw-UvinzT.mTrLWkwjdRXH4VZCLsTB__suwXg%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9438.1p7dk8evvmNFL6BE0ybIhAgQbZgna6t6IsOaZXBTGZwx1XYN6qLLK7ty7NIaO4WBzvWG_yIk2HlIIRSi5kcouYx4przHwsLsW5J6E5zflOs%2C.YSo252YCPVbF6U2FnlR816TvMHw%2C

292 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request russian-hackers-behind-fresh-us-cyberattack-microsoft
www.nst.com.my/world/world/2021/10/739628/ 		61 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
4dabd1b9630e605dca0078d805fff2b99121cfb2d3fb3f4b2ff309f47fb060dd
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.nst.com.my
:scheme
https
:path
/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.25
cache-control
no-cache, private
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src=*
via
1.1 google
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6a414862abbff9d6-PRG
content-encoding
br
app.js
assets.nst.com.my/assets/js/desktop/ 		1 MB
316 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56134bdb4b4108a798f7a820f4d8e4bf7df4c7a3150f9e61e6c5f4c9c783d436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1634537070
age
79086
x-guploader-uploadid
ADPycdsLE9Zz8nEfy33x7CFjSF89BC9Ar5nIKwxCxrANp-8bn1pi9PiT5mBqY33aMrdhd0e8bzpbolaVoT7cnzp9tlFXfJUCFQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
expires
Tue, 26 Oct 2021 06:28:43 GMT
last-modified
Mon, 18 Oct 2021 06:04:38 GMT
server
cloudflare
etag
W/"4bac2d8a48f451c792e94891fa8dd6c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KDliQg==, md5=S6wtikj0UceS6UiR+o3WxA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1634537078274486
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1083110
cf-ray
6a4148681fbbf9d6-PRG
cf-bgj
minify
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
6b685959b75a7053c70278505ebd718fa6a1af70ed0acf2dc418fbb70ae35192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:41:49 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:43 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:43 GMT
libraries.css
assets.nst.com.my/assets/css/ 		92 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.nst.com.my/assets/css/libraries.css?id=7979572225756f8aee4c
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb5e61cae897b70f29ed1ae87775f171cd4c40bbb1d337086443b9bde31090a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679507
age
343436
x-guploader-uploadid
ADPycdsn7HACQnoAayO32fz6cTRz6_C5r1tSQGKf7zc-0vjeIvFe5179LJG9fuKG3G-4NktSEDQV0oN8e24i_qIxZNw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/css
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
etag
W/"0e735ddc863af455893937f6c53a4344"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=C86+YQ==, md5=DnNd3IY69FWJOTf2xTpDRA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1633679511295186
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
94124
cf-ray
6a4148681fb8f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:43 GMT
app.css
assets.nst.com.my/assets/css/desktop/ 		177 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.nst.com.my/assets/css/desktop/app.css?id=034cf64420e39793da0b
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af25308f5b720e91d96b9c79c2a2bcbcbb1051b4b5f08233b4e48fc992d1a8aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1634368864
age
248115
x-guploader-uploadid
ADPycdsdT4m8CWE3sgGaS2RDLvlV8PFtzNT87jNKzErufhrgGjbVsvwNGu2ykyxMXxJR2GYIUbAOwOkapfS6ffadqEM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/css
last-modified
Sat, 16 Oct 2021 07:21:11 GMT
server
cloudflare
etag
W/"034cf64420e39793da0bf7564de1ac84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ofJP+A==, md5=A0z2RCDjl5PaC/dWTeGshA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1634368871008691
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
180902
cf-ray
6a4148681fbaf9d6-PRG
expires
Tue, 26 Oct 2021 06:28:43 GMT
footer-logo.png
assets.nst.com.my/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/footer-logo.png?id=ece9a04a00702b02644c
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a40717c9e66d212c9a11f312c0a2f56a77bf497b1214433d2c846175724e35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315425
cf-polished
origFmt=png, origSize=7268
x-guploader-uploadid
ADPycdtLduXX2BFV0XiDlGcuOQAcyHVQElq6s5S_piR-D6ocKVejQexkHAII1SXQQ6hgI-zAirTNp1WHg7oVfxzutNrA5mWGyA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="footer-logo.webp"
content-type
image/webp
content-length
3110
expires
Tue, 26 Oct 2021 06:28:43 GMT
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
content-language
en
etag
"405025c65ccac784f8ff10c3c2f47936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=HA6VWg==, md5=QFAlxlzKx4T4/xDDwvR5Ng==
x-goog-generation
1633679511704223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
7268
accept-ranges
bytes
cf-ray
6a4148683fd2f9d6-PRG
cf-bgj
imgq:85,h2pri
NSTMobile.png
assets.nst.com.my/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/NSTMobile.png?id=9fe622a75ca078d5fefd
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164e25b728d69e104cff2679fdbe9f1bb302c63b0d48954316019b1901747bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315424
cf-polished
origFmt=png, origSize=5940
x-guploader-uploadid
ADPycdudvLSemtEsRs5J8b3eecrBGyDVk-98teF3XtSWOIHuYlTjGLQTmChmGJbFAFf3gmggb4vg9tZEvCgfwhS_5Sg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="NSTMobile.webp"
content-type
image/webp
content-length
4794
expires
Tue, 26 Oct 2021 06:28:43 GMT
last-modified
Fri, 08 Oct 2021 07:51:49 GMT
server
cloudflare
content-language
en
etag
"4da7836aca91e22c5a5d55fc4679cd8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=WLsoNw==, md5=TaeDasqR4ixaXVX8RnnNjA==
x-goog-generation
1633679509703097
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5940
accept-ranges
bytes
cf-ray
6a4148683fd4f9d6-PRG
cf-bgj
imgq:85,h2pri
icon-ios.png
assets.nst.com.my/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/icon-ios.png?id=665d27c9e319c53c91c4
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315424
cf-polished
origFmt=png, origSize=4214
x-guploader-uploadid
ADPycdv1poMgymO3I_1WKClzNPltJCfHsXBO1YqeEtrDvqwRQxIt_34hjf6f65Qvclo3960erVSeFREBmVS6OJF93SA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="icon-ios.webp"
content-type
image/webp
content-length
1160
expires
Tue, 26 Oct 2021 06:28:43 GMT
last-modified
Fri, 08 Oct 2021 07:51:52 GMT
server
cloudflare
content-language
en
etag
"6cc153bb0ef1523ef0372097becf2374"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=ZsGvHQ==, md5=bMFTuw7xUj7wNyCXvs8jdA==
x-goog-generation
1633679511971299
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
4214
accept-ranges
bytes
cf-ray
6a4148683fd6f9d6-PRG
cf-bgj
imgq:85,h2pri
icon-android.png
assets.nst.com.my/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/icon-android.png?id=0dba54f322386f13020e
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315424
cf-polished
origFmt=png, origSize=3997
x-guploader-uploadid
ADPycdtPZxxW0sFDNzqD56t9EvMZkpKbHbUzvAUJ9DyjPMGbmfuLr98pEGZuiHPT-X7vxvggUYjEjjFE5ZFkqtUXjxWZVK2YxA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="icon-android.webp"
content-type
image/webp
content-length
1256
expires
Tue, 26 Oct 2021 06:28:43 GMT
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
content-language
en
etag
"dbf7ab667897f3d44189ffc5843da36c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=FL0LtA==, md5=2/erZniX89RBif/FhD2jbA==
x-goog-generation
1633679511799433
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
3997
accept-ranges
bytes
cf-ray
6a4148684fe5f9d6-PRG
cf-bgj
imgq:85,h2pri
icon-appgallery.png
assets.nst.com.my/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/icon-appgallery.png?id=d55a059ee197739a02c2
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca36f873de4179ff98881f5ffe29fab13c4a0327bc5539347bb4d671609b156d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315424
cf-polished
origFmt=png, origSize=3546
x-guploader-uploadid
ADPycdt-p8o9aZR5MA2c8mhIfi-PctMC2zIoPWioxZQ8LvXrOoeBKPlcZfbtcLI10TzdN6K6emKWnppqpohAEqdiiUcBwovqbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="icon-appgallery.webp"
content-type
image/webp
content-length
1536
expires
Tue, 26 Oct 2021 06:28:43 GMT
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
content-language
en
etag
"d783784cf464b5b735579a5c0ca3cb02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=u47lFg==, md5=14N4TPRktbc1V5pcDKPLAg==
x-goog-generation
1633679511861591
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
3546
accept-ranges
bytes
cf-ray
6a4148686ff8f9d6-PRG
cf-bgj
imgq:85,h2pri
NSTepaper.png
assets.nst.com.my/assets/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/NSTepaper.png?id=59aa315f4b824baf1640
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4325234993fd7fca892b655018e0f70a51582869cb038cfdebe0576bc4154fa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315424
cf-polished
origFmt=png, origSize=5475
x-guploader-uploadid
ADPycdusSf5jK-GEUNTJEDGMvKoiUcqLoSWyzZpVkVJ-NfFP7XtaXCfrfVrPoG7oZgdLWfzfPUjvfeNOPDIcowuYUq4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="NSTepaper.webp"
content-type
image/webp
content-length
4188
expires
Tue, 26 Oct 2021 06:28:43 GMT
last-modified
Fri, 08 Oct 2021 07:51:50 GMT
server
cloudflare
content-language
en
etag
"3c4ed95ab09b55b608264f3313031d04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=nISxHg==, md5=PE7ZWrCbVbYIJk8zEwMdBA==
x-goog-generation
1633679509993947
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5475
accept-ranges
bytes
cf-ray
6a414868880af9d6-PRG
cf-bgj
imgq:85,h2pri
rocket-loader.min.js
www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
6a4148683fdaf9d6-PRG
vary
Accept-Encoding
expires
Thu, 28 Oct 2021 05:28:43 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 22:23:12 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6a4148688b014137-PRG
css
fonts.googleapis.com/ 		2 KB
577 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/css/desktop/app.css?id=034cf64420e39793da0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 03:52:28 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:43 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:43 GMT
loader.js
player.ivideosmart.com/ivsplayer/v4/dist/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
adbd2d20a9543ad40a5a66a187209902d1013e67b569fbee9bac3f7d9dafc474

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 05:28:43 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR61-C2
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
2923
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Fri, 15 Oct 2021 04:06:38 GMT
Server
AmazonS3
ETag
W/"a13aa5b57d25ceda2ed7ea95f92c6a80"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
FZVf6z0VcW_13CPJtsMXgwA1fBJ9q3PYa2e50rzF-CuGRYLP12Gw6Q==
outbrain.js
widgets.outbrain.com/ 		189 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f99580135a88896363c691eb4a5c8d00351e120484fdd120dd29bc9202713db9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
gzip
last-modified
Sun, 24 Oct 2021 16:01:48 GMT
etag
W/"2f334-ThR9gFmwKveQhPMkCyyJAOt/Sjc"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
40b4f3cf17ddf790fbbdd9c4dab61c91
timing-allow-origin
*, *
content-length
64171
expires
Tue, 26 Oct 2021 09:28:43 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Tue, 26 Oct 2021 05:28:43 GMT
x-host
s7.addthis.com
content-length
116325
index.js
podcast.mediaprimalabs.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://podcast.mediaprimalabs.com/index.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
*
lt.min.js
tags.crwdcntrl.net/lt/c/7270/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/7270/lt.min.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9809cf3cdac218fd53416478f37f4490e1b848d1a1000dc2ee5b16abf672c619

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 26 Oct 2021 02:21:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 02:15:31 GMT
server
AmazonS3
age
11250
etag
W/"fed221f0ac94b119c9e14637db0f46b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
M8KQ0nEjFxUk8hu-gQi0LmxSggIvuUrtnxVL9v1tcgocIjHEhp8VHw==
icofont.woff2
assets.nst.com.my/assets/css/fonts/ 		525 KB
527 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nst.com.my/assets/css/fonts/icofont.woff2
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/css/libraries.css?id=7979572225756f8aee4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Request headers

Referer
https://assets.nst.com.my/assets/css/libraries.css?id=7979572225756f8aee4c
Origin
https://www.nst.com.my
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
343098
x-guploader-uploadid
ADPycdugxZFZlAKr5w2k7yc0l6XbAIKzn8G5Xdr8Mmudq-6y5oPTgrviJIhPpy9UBktbx26xxnF9G5ukspDEeCuZIDY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/octet-stream
content-length
537868
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
etag
"50a4ab76e700a83e649be213f820fbbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=i3BDpQ==, md5=UKSrducAqD5km+IT+CD7vQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1633679511331969
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
537868
accept-ranges
bytes
cf-ray
6a414868de9c27a0-PRG
expires
Tue, 26 Oct 2021 06:28:43 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nst.com.my
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:57:55 GMT
x-content-type-options
nosniff
age
354648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 02:57:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nst.com.my
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
43266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 25 Oct 2022 17:27:37 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nst.com.my
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options
nosniff
age
388346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 17:36:17 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/121793/360/ 		370 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
60ae7042861cf43c2e66c97bc534e2fe493d9d64b6fd6313845627429c01d6e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 05:06:16 GMT
server
Apache/2.2.15 (CentOS)
etag
"13e0b10-5c88e-5cd2f680ef344"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=107839
accept-ranges
bytes
content-type
text/javascript
content-length
114482
expires
Wed, 27 Oct 2021 11:26:02 GMT
gtm.js
www.googletagmanager.com/ 		215 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e0034c436625653fddeda1284739402f2237dd48533a17cf92585725cde07d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
65630
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Oct 2021 05:28:43 GMT
data
bcp.crwdcntrl.net/6/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/7270/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e0b6a43356cf66c59980d2ad8dcf09d41c04fb219a422fd4ad6c8fa4fed7a898

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache
x-server
10.45.2.140
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
1886
expires
0
footer-logo.png
assets.nst.com.my/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/footer-logo.png?id=ece9a04a00702b02644c
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a40717c9e66d212c9a11f312c0a2f56a77bf497b1214433d2c846175724e35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315426
cf-polished
origFmt=png, origSize=7268
x-guploader-uploadid
ADPycdtLduXX2BFV0XiDlGcuOQAcyHVQElq6s5S_piR-D6ocKVejQexkHAII1SXQQ6hgI-zAirTNp1WHg7oVfxzutNrA5mWGyA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="footer-logo.webp"
content-type
image/webp
content-length
3110
expires
Tue, 26 Oct 2021 06:28:44 GMT
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
content-language
en
etag
"405025c65ccac784f8ff10c3c2f47936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=HA6VWg==, md5=QFAlxlzKx4T4/xDDwvR5Ng==
x-goog-generation
1633679511704223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
7268
accept-ranges
bytes
cf-ray
6a41486af9e5f9d6-PRG
cf-bgj
imgq:85,h2pri
NSTMobile.png
assets.nst.com.my/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/NSTMobile.png?id=9fe622a75ca078d5fefd
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164e25b728d69e104cff2679fdbe9f1bb302c63b0d48954316019b1901747bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315425
cf-polished
origFmt=png, origSize=5940
x-guploader-uploadid
ADPycdudvLSemtEsRs5J8b3eecrBGyDVk-98teF3XtSWOIHuYlTjGLQTmChmGJbFAFf3gmggb4vg9tZEvCgfwhS_5Sg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="NSTMobile.webp"
content-type
image/webp
content-length
4794
expires
Tue, 26 Oct 2021 06:28:44 GMT
last-modified
Fri, 08 Oct 2021 07:51:49 GMT
server
cloudflare
content-language
en
etag
"4da7836aca91e22c5a5d55fc4679cd8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=WLsoNw==, md5=TaeDasqR4ixaXVX8RnnNjA==
x-goog-generation
1633679509703097
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5940
accept-ranges
bytes
cf-ray
6a41486af9e6f9d6-PRG
cf-bgj
imgq:85,h2pri
icon-ios.png
assets.nst.com.my/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/icon-ios.png?id=665d27c9e319c53c91c4
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315425
cf-polished
origFmt=png, origSize=4214
x-guploader-uploadid
ADPycdv1poMgymO3I_1WKClzNPltJCfHsXBO1YqeEtrDvqwRQxIt_34hjf6f65Qvclo3960erVSeFREBmVS6OJF93SA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="icon-ios.webp"
content-type
image/webp
content-length
1160
expires
Tue, 26 Oct 2021 06:28:44 GMT
last-modified
Fri, 08 Oct 2021 07:51:52 GMT
server
cloudflare
content-language
en
etag
"6cc153bb0ef1523ef0372097becf2374"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=ZsGvHQ==, md5=bMFTuw7xUj7wNyCXvs8jdA==
x-goog-generation
1633679511971299
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
4214
accept-ranges
bytes
cf-ray
6a41486af9e7f9d6-PRG
cf-bgj
imgq:85,h2pri
icon-android.png
assets.nst.com.my/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/icon-android.png?id=0dba54f322386f13020e
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315425
cf-polished
origFmt=png, origSize=3997
x-guploader-uploadid
ADPycdtPZxxW0sFDNzqD56t9EvMZkpKbHbUzvAUJ9DyjPMGbmfuLr98pEGZuiHPT-X7vxvggUYjEjjFE5ZFkqtUXjxWZVK2YxA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="icon-android.webp"
content-type
image/webp
content-length
1256
expires
Tue, 26 Oct 2021 06:28:44 GMT
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
content-language
en
etag
"dbf7ab667897f3d44189ffc5843da36c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=FL0LtA==, md5=2/erZniX89RBif/FhD2jbA==
x-goog-generation
1633679511799433
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
3997
accept-ranges
bytes
cf-ray
6a41486af9e8f9d6-PRG
cf-bgj
imgq:85,h2pri
icon-appgallery.png
assets.nst.com.my/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/icon-appgallery.png?id=d55a059ee197739a02c2
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca36f873de4179ff98881f5ffe29fab13c4a0327bc5539347bb4d671609b156d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315425
cf-polished
origFmt=png, origSize=3546
x-guploader-uploadid
ADPycdt-p8o9aZR5MA2c8mhIfi-PctMC2zIoPWioxZQ8LvXrOoeBKPlcZfbtcLI10TzdN6K6emKWnppqpohAEqdiiUcBwovqbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="icon-appgallery.webp"
content-type
image/webp
content-length
1536
expires
Tue, 26 Oct 2021 06:28:44 GMT
last-modified
Fri, 08 Oct 2021 07:51:51 GMT
server
cloudflare
content-language
en
etag
"d783784cf464b5b735579a5c0ca3cb02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=u47lFg==, md5=14N4TPRktbc1V5pcDKPLAg==
x-goog-generation
1633679511861591
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
3546
accept-ranges
bytes
cf-ray
6a41486af9e9f9d6-PRG
cf-bgj
imgq:85,h2pri
NSTepaper.png
assets.nst.com.my/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/NSTepaper.png?id=59aa315f4b824baf1640
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4325234993fd7fca892b655018e0f70a51582869cb038cfdebe0576bc4154fa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315425
cf-polished
origFmt=png, origSize=5475
x-guploader-uploadid
ADPycdusSf5jK-GEUNTJEDGMvKoiUcqLoSWyzZpVkVJ-NfFP7XtaXCfrfVrPoG7oZgdLWfzfPUjvfeNOPDIcowuYUq4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="NSTepaper.webp"
content-type
image/webp
content-length
4188
expires
Tue, 26 Oct 2021 06:28:44 GMT
last-modified
Fri, 08 Oct 2021 07:51:50 GMT
server
cloudflare
content-language
en
etag
"3c4ed95ab09b55b608264f3313031d04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=nISxHg==, md5=PE7ZWrCbVbYIJk8zEwMdBA==
x-goog-generation
1633679509993947
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5475
accept-ranges
bytes
cf-ray
6a41486af9ebf9d6-PRG
cf-bgj
imgq:85,h2pri
NST-Logo.png
assets.nst.com.my/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/assets/NST-Logo.png?id=e8c11e9a69c90c7834aa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189cd4000dc90e8b2ce95089c9b360465ede5611242a8fbaf33c08d6db1dbace

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1633679505
age
315423
cf-polished
origFmt=png, origSize=7702
x-guploader-uploadid
ADPycdun1-ZDaFIGGqyF5aiB-9HBq0dofGq1tfNRjqnFhYkz-UL5omDBsg69uzTh5SINcXM7HscOXw41sAm-gI82ctA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="NST-Logo.webp"
content-type
image/webp
content-length
4102
expires
Tue, 26 Oct 2021 06:28:44 GMT
last-modified
Fri, 08 Oct 2021 07:51:49 GMT
server
cloudflare
content-language
en
etag
"db7b52f68a888c95e62b096dece48274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=SwKL7w==, md5=23tS9oqIjJXmKwlt7OSCdA==
x-goog-generation
1633679509631122
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
7702
accept-ranges
bytes
cf-ray
6a41486b0a01f9d6-PRG
cf-bgj
imgq:85,h2pri
ddudusua_1635211275.jpg
assets.nst.com.my/images/articles/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/ddudusua_1635211275.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173d0fa2811e259341dfe113b1af3b7b29ab7165a136b3f7d5183caf6f266b5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdttP2P2SYrD7780zpD3rCp_hGM1TpBBhQVdJiUDp3PyJUapWyL7CGouq0X23-C13K8vcwXPMI659ug0XzXJCTGnkZPjiA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
73614
last-modified
Tue, 26 Oct 2021 01:21:17 GMT
server
cloudflare
etag
"e016cd260e17fd15c82823f1c4e94fa9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KBNepw==, md5=4BbNJg4X/RXIKCPxxOlPqQ==
x-goog-generation
1635211276998322
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
73614
accept-ranges
bytes
cf-ray
6a41486b0a02f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:44 GMT
trending
www.nst.com.my/api/ 		118 KB
84 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/trending?limit=8
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
f0e32026d7bf748f81aebc6ec1e8be7be1449e447a457b293120be942c79e2cc
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/trending?limit=8
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-response-encrypted
1
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b4a32f9d6-PRG
739628
www.nst.com.my/api/statistic/add/ 		0
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/statistic/add/739628
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/statistic/add/739628
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b5a37f9d6-PRG
articles
www.nst.com.my/api/ 		97 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/articles?page_size=6&tags=covid-19-vaccine+Vaccination+pfizer+biontech@
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
ab3064db5604c5db6ae21d949a6edbd2ca6352152518bc87b6432ee4e68726a3
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/articles?page_size=6&tags=covid-19-vaccine+Vaccination+pfizer+biontech@
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-response-encrypted
1
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b5a38f9d6-PRG
trending
www.nst.com.my/api/ 		90 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/trending?limit=6
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
ec2bf6a7a80f155c4e013762780384afc0804cdce41de7ca50682d6607e19154
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/trending?limit=6
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-response-encrypted
1
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b5a39f9d6-PRG
says
www.nst.com.my/api/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/says?limit=5
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
209373112ec7c64611a0a236a1f4ef26fe0f2732d6513160e9185b98d8b6da6d
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/says?limit=5
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-response-encrypted
1
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b5a3af9d6-PRG
articles
www.nst.com.my/api/ 		112 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/articles?page_size=7
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
3b1a9ea322a63b6f0e2b915b99f0496dc7b026a068b1753d7e7287e178227923
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/articles?page_size=7
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-response-encrypted
1
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b5a3df9d6-PRG
739628
www.nst.com.my/api/related/ 		153 KB
108 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/related/739628?page_size=8
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
86336b4ed2e23c85cad3232ac599703ddda1fc74e36aecd38564d6066b9d9b33
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/related/739628?page_size=8
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
x-response-encrypted
1
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b5a43f9d6-PRG
739628
www.nst.com.my/api/related/ 		82 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/api/related/739628?page_size=4
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25
Resource Hash
9dab05836d6330b376d4a649ab812cec030e5a1d2530097cccabb8f41605d83d
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-response-encrypted
1
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my
x-request-encrypted
1
:path
/api/related/739628?page_size=4
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=utf-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
x-response-encrypted
1
x-request-encrypted
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
x-response-encrypted
1
x-powered-by
PHP/7.4.25
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
content-security-policy
default-src=*
cf-ray
6a41486b5a44f9d6-PRG
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nst.com.my%2F&domain=www.nst.com.my&cw=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.nst.com.my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.nst.com.my
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1333
date
Tue, 26 Oct 2021 05:28:43 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		350 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nst.com.my%2F&domain=www.nst.com.my&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ad0bcf4fc728dd8c9aab8d2c72a627b67f0906698fd5130cbf8c68a254dc2a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 26 Oct 2021 05:28:43 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2788
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1453bf9973d7a5f036de806193894a36df7296fac0c5b9c5ad0319bbdba87953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 523 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27192
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 05:28:44 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
5258
date
Tue, 26 Oct 2021 04:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Tue, 26 Oct 2021 06:01:06 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14435
x-xss-protection
0
server
cafe
etag
3499052782129861849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 05:28:44 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.190.164 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-190-164.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 04:00:11 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 15:47:37 GMT
server
nginx
age
5313
etag
W/"60e71e19-5a0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
NiVI8_d9ExJqGgkihLPiXBQ7q1HtSpnCVRTeVwfj_EsfhcRESgD-Fw==
expires
Tue, 26 Oct 2021 06:00:11 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 02:32:49 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
10558
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zqnvkmzeJYpxPnAxSohX80Zj2Wi2lKzxNaESqlMTFWpKm0c5Rqg4Eg==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
Kc1Y7kD/+eAS8sv/Bo1mcmzCf4vC+DFpq6rA1i2uoIPUkUwIe4WEvJWEFTWOppNRMSO7qV5qBsA15XXgZmo11w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 26 Oct 2021 05:28:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
56l9s1dacx
www.clarity.ms/tag/ 		597 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/56l9s1dacx
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.212.67.232 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
zrhr3.msedge.net
Software
/ ASP.NET
Resource Hash
2db4a24b6838d16e6ad8c006448c75ef04b6aa3b3a96c749d7b100252b6a5e0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
x-powered-by
ASP.NET
x-azure-ref
0DJJ3YQAAAACyY0h2HA8mT60KOv4RBDPLWlJIRURHRTA2MTIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30425
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
d3d3Lm5zdC5jb20ubXk=
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm5zdC5jb20ubXk=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 05:28:44 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=29686
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
16f6ebd520e72b0cb47d72a094680dec
Content-Length
15
Expires
Tue, 26 Oct 2021 13:43:30 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.0433027082585586
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 25 Nov 2021 05:28:44 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&ns__t=1635226124098&ns_c=UTF-8&cv=3.5&c8=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&c7=https%3A%2F%2Fwww.nst.com.my%2Fwo...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1635226124098&ns_c=UTF-8&cv=3.5&c8=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&c7=https%3A%2F%2Fwww.nst.com.my%2Fw...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1635226124098&ns_c=UTF-8&cv=3.5&c8=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&c7=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
vUIzvOZbq3F6aEi86mEJGFVp_2vVvlUrXYbiFO620OVKCBBA-5bD3Q==

Redirect headers

date
Tue, 26 Oct 2021 05:28:44 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1635226124098&ns_c=UTF-8&cv=3.5&c8=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&c7=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&c9=
content-length
312
x-amz-cf-id
0yvtcCLvbEsNSX9p_rLOkq8bH_2jE9ayZdrfd_i-d619pY3D_1E8Og==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 26 Oct 2021 06:10:12 GMT
404165573531277
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/404165573531277?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
f9a2c72426ae89dbcd29f7cf81307d4a4940f643627b21bc5031276ffe058b94
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
PjrLTBisG3VjB+SSs772WRcbZm4K5nupcRSQbvmLuDDajDJi7sSKy0ovCegRObKC/bqW3UVE0I5g6ESnbUF5OA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 26 Oct 2021 05:28:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 05:28:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		183 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nst.com.my
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
c82d3cf22203ba7ff9a677ae42fe9567d8a7b0ce834456e91f7e7687a7c3aa7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
115
x-xss-protection
0
expires
Tue, 26 Oct 2021 05:28:44 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.190.164 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-190-164.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:04:09 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 00:14:48 GMT
server
nginx
age
1474
etag
W/"60e794f8-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ktWWFXGYH6w3azAeaOJUMonxtQErtoNjMB78HkjTlr5DFls3qdbs7Q==
expires
Tue, 26 Oct 2021 07:04:09 GMT
ins.js
newstraitstimesmalaysia.api.useinsider.com/ 		377 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.171.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb275a4170a097ee1163244167c39ff0c316fec506ce21f52fbb4af11c739f13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
br
cf-cache-status
HIT
age
2061
x-amz-request-id
5658QWC5778JGMMV
x-amz-id-2
9ZWx0177D4ZexkzkW9BeW1PpiXj8aJcOxJaGjqqUJOM+i+pSS/fV2JDxlJxHxy0qcnwlDEltzVE=
last-modified
Tue, 26 Oct 2021 01:57:51 GMT
server
cloudflare
etag
W/"c356b6c098ccfe64bf72d7bd0a522649"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-version-id
uKHmxurQ21wZOJQZlpo8Y3k6WU0kkXY.
cf-ray
6a41486da8b34114-PRG
expires
Tue, 26 Oct 2021 05:33:44 GMT
bundle.js
player.ivideosmart.com/ivsplayer/v4/dist/js/ 		246 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
627d1d5f13f6055a68058845719f2775e5fe6de104b6d68c54ad1558bcbca061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 05:28:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR61-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
69268
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Fri, 15 Oct 2021 04:06:38 GMT
Server
AmazonS3
ETag
W/"7e9aac592e9e83c4a95008561e47820a"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
uGJQo7E8pfzN3mv5lHpQYTCXc73jPeMhh8rDjLO394j6hoQOfZSqUw==
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5e2578aea74df413/ 		1 KB
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5e2578aea74df413/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e24b68c44e525ab549052d6691eb27280a003523df1c6e6713cc980d4ce6f67a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
etag
1670372397--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=7, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
527
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6177920c30764a78&bkl=0&bl=1&pdt=989&sid=6177920c30764a78&pub=ra-5e2578aea74df413&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.nst.com.my&fp=world%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=US%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%20Burt%2Cxnstp%2CDan%20Ives%2CBurt%2CMSTIC%2CThreat%20Intelligence%20Center%2C000-strong&colc=1635226124176&jsl=131073&uvs=6177920cada536f2000&skipb=1&callback=addthis.cbs.jsonp__28162168130110520
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
25ff6c340c9ca854b842a8474ad3287abba48f5de15983ac999d3ec16f8fd5d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9D29 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C031 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Tue, 26 Oct 2021 05:28:44 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
placement_invocation
ob.cheqzone.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-32.fra2.r.cloudfront.net
Software
/
Resource Hash
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 21:11:19 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
29845
etag
"c6e6-H+PLdQz0EEd97ZlT78HNXlxTPcM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA2-C1
content-length
19276
x-amz-cf-id
U-ZxIR75I1EwYcRIsO-nSZv1mxriY7-bkBjACo1bW8ozkBLL38D1iw==
expires
Tue, 26 Oct 2021 09:11:19 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		236 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nst.com.my&domain=nst.com.my&path=%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
647a39224ced6f2cb726683451872eb2e0d9b9bdcfb74a197ed52883b5f3a9b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
181
x-served-by
cache-hhn4034-HHN
access-control-allow-origin
*
x-timer
S1635226124.445283,VS0,VE97
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 24 Oct 2021 05:28:44 GMT
BannerModeDirectToHTML-MP.js
api.vodus.com/MediaPartners/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/MediaPartners/BannerModeDirectToHTML-MP.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3NG6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9a70ce75334bf797f6483993e6c7563e26de663be65be43925d3b0907ceae075

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
etag
"1d78e979d3dde0e"
last-modified
Wed, 11 Aug 2021 09:59:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1163
rum
www.nst.com.my/cdn-cgi/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nst.com.my/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.nst.com.my
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
lotame_domain_check=nst.com.my; _cc_id=b4c56f95bac52e3b10afe9f58c865b97; _cc_cc=ACZ4XmNQSDJJNjVLszRNSkw2NUo1TjI0SExLtUwztUi2MDNNsjRnAILE8kncIBoCeI5vmsLC%2BMyC4T8jI8PHz5Yw5vI%2FhTDm8aOHmGHsS6cescHYu%2FddFoCxPzTch7MPL54DN3H6CXWYkndLEMJrNjzlholP%2FDhBG8YGACWSPms%3D; _cc_aud=ABR4XmNgYGBILJ%2FEDaQggImB8cZyEJPxxlIgCQA%2FegR2; _pbjs_userid_consent_data=3524755945110770; pbjs-pubCommonId=41039164-7947-4ff4-875b-f90298ae5a0d; pageType=article; _gcl_au=1.1.967178468.1635226124; cto_bidid=Ry_4Ul9GMFh0c2p0anBoUHFrVkFMYmVEeXNsZ1VUQnlWU25qVUk1ZmNEUFR0QVFYQXJGRUQ3THZNRjQ2RW1zWUV5JTJGJTJCRkpnJTJCRG9LQjZ5b2tqRHpjNmZDeGJ6USUzRCUzRA; cto_bundle=bQTa1F9yaExFRmNGdlBJaFdKUEVESVU3QnFJOSUyQkdRMlFQQU9TNEJ6JTJCUm16QnJoTFFjdXEybHJHRjRTdk9MbXQ4JTJGeVhCem9FMWJkNkQ5ZjVLOXpTVHpPZEx0aVZwaU90ZVhuRzF4Y0VGOTB1aDhubHV2c1loQUU5VGUwaXluNkolMkI0MGwy; _ga=GA1.3.2023701743.1635226124; _gid=GA1.3.1851048285.1635226124; _cb_ls=1; __atuvc=1%7C43; __atuvs=6177920cada536f2000
content-length
11502
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.nst.com.my
referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.nst.com.my
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6a41486dbbf3f9d6-PRG
vary
Origin
/
www.googleadservices.com/pagead/conversion/845503338/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/845503338/?random=1635226124222&cv=9&fst=1635226124222&num=1&value=0&label=rqiqCNqRqtsCEOq2lZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&tiba=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&auid=967178468.1635226124&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
b946d55019679e639858dd3cb561b516b0329ef2cdaa4be7e30234defa506b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1263
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/ 		43 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=1635226124231&cv=9&fst=1635226124231&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&tiba=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-1357345-6&cid=2023701743.1635226124&jid=699460980&gjid=677054005&_gid=1851048285.1635226124&_u=aHBAgQAjAAAAAE~&z=650628686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 26 Oct 2021 05:28:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=629848678&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ul=en-us&de=UTF-8&dt=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20ID&ea=Set%20Client%20ID&_u=aHBAgQAj~&jid=699460980&gjid=677054005&cid=2023701743.1635226124&tid=UA-1357345-6&_gid=1851048285.1635226124&gtm=GTM-TF3NG6&cd16=world&cd18=1635226123963.3rveehsd&cd19=2021-10-26T05%3A28%3A43.963%2B00%3A00&cd20=article&z=1815209200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 07:47:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78052
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=629848678&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ul=en-us&de=UTF-8&dt=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20ID&ea=Set%20Client%20ID&_u=aHDAgQAjAAAAAE~&jid=&gjid=&cid=2023701743.1635226124&tid=UA-1357345-6&_gid=1851048285.1635226124&gtm=GTM-TF3NG6&cd4=not%20logged%20in&cd16=world&cd17=2023701743.1635226124&cd18=1635226124238.gtrx79ik&cd19=2021-10-26T05%3A28%3A44.238%2B00%3A00&cd20=article&z=662561291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 07:47:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78052
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus-b/s/0.6.24/ 		51 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56l9s1dacx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.212.67.232 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
zrhr3.msedge.net
Software
/ ASP.NET
Resource Hash
6bbb5e354138bdacaf7fe81409ec991637f79792f4a140480764628a993e7251

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
br
etag
"1d7c035062bca5c"
last-modified
Wed, 13 Oct 2021 13:20:00 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
public,max-age=86400
x-azure-ref
0DJJ3YQAAAADaakvoYALKRaT/IH1V1gDSWlJIRURHRTA2MTIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=F5DF8D5480E54E73843D8FEAB43062D7&RedC=c.clarity.ms&MXFR=212590E0977060BE1425803C93706EB0
  • https://c.clarity.ms/c.gif?CtsSyncId=F5DF8D5480E54E73843D8FEAB43062D7&MUID=004281E472716277313491387333634D
42 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=F5DF8D5480E54E73843D8FEAB43062D7&MUID=004281E472716277313491387333634D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"af5a8b34ac1d71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EA3F6AF0E31B462DAA5069272F7B09BF Ref B: PRG01EDGE0807 Ref C: 2021-10-26T05:28:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=F5DF8D5480E54E73843D8FEAB43062D7&MUID=004281E472716277313491387333634D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Tue, 26 Oct 2021 05:28:44 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
show_pla
obs.cheqzone.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=13606699109792205176695817672955237010311679901468165119888003759082&nc=0&tsf=0&tsfmi=&pv=0&cb=1635226124490&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=220482090&at=&bid=e30%3D&di=W1siZWYiLDc0ODhdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MTAsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMTEz%0D%0ANjE1MTIsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjQyLGVZWFZYMVByeDJPK2UyYVpuTXBCZElBUktLVkVFUUlnS0Nk%0D%0ASlhlQkJFUVJJcWlJQzE4cURSRmtONUNDNHJTZmlKU3BBb0lST21RUWhKU1NNOU1aakp6eXlsNzc3%0D%0AVy9aNTE3ejgiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJrZXl3b3Jkc1wiLFwidHdpdHRlcjp0aXRsZVwiLFwi%0D%0AZGVzY3JpcHRpb25cIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCIt%0D%0AIl0sWy0xNCwie1wib1wiOjAuMDA4MzMzMzMzMzMzMzMzMzMzfSJdLFstMTUsIi0iXSxbLTE2LCIw%0D%0AIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0%0D%0ALFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwi%0D%0ALVwiLFwiLVwiXSJdLFstMjAsIjIwMjM3MDE3NDMuMTYzNTIyNjEyNCJdLFstMjEsIlVOYkhaZGFX%0D%0AIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxb%0D%0ALTI2LCJ7XCJ0amhzXCI6MjA1MDAwMDAsXCJ1amhzXCI6MTQzMDAwMDAsXCJqaHNsXCI6Mzc2MDAw%0D%0AMDAwMH0iXSxbLTI3LCJbMCw5LjIsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFst%0D%0AMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0z%0D%0AMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0i%0D%0AXSxbLTM1LCJbMTYzNTIyNjEyNDQwMiwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0z%0D%0ANywiLTE0NC02Ni0xODAtIl0sWy0zOCwiYywtMSwtMSwwLDAsMiwwLDE4LDM3LDg4NCw1LDIsMTA0%0D%0AOC40LDEwNDguNCwyMDEwLDIwMTAiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwi%0D%0ATmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxb%0D%0ALTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAw%0D%0AMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3OCwwLDAsMCw1NjEs%0D%0AMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJd%0D%0ALFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIw%0D%0ALDAiXSxbLTQ5LCItIl0sWyJibmNoIiwxNjZdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A200%2C%22y%22%3A2270%2C%22w%22%3A795%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=qZoslj3QbQ&sdd=%7B%7D&pto=2099
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
84986d42eb31805610b2dbad9b34194433ef92058a436a6c5f13eda4502b85b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1529
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=nst.com.my&p=%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&u=X49i-DW4br5Z2Pg5&d=nst.com.my&g=65124&g0=world&g1=afp&n=1&f=00001&c=0&x=0&m=0&y=2594&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1171&_s=%7B%22ga%22%3Anull%7D&t=zQeFyBgpdoXDG_hAeD5HZN3C1GoBH&V=128&i=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&tz=0&sn=1&sv=Dr00Z4BYgffSBPtvVX5YfzDBlA5Qr&sd=1&im=0653044f&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.215.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-215-174.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-38.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 18:06:24 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 05 Feb 2020 15:23:02 GMT
Server
AmazonS3
Age
20604141
ETag
W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Via
1.1 0d94766f433ae64cf30c40acb74fc43f.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
YRtwvLOtd1kb9IagudWCuNDl60CsrTw6BDMz4tH3JQyOkQ79M3hbGA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		370 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125402
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Tue, 26 Oct 2021 05:28:44 GMT
3001496
hdrbd.ivstracker.net/hbplacementsservices/ 		283 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hdrbd.ivstracker.net/hbplacementsservices/3001496
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-43.fra2.r.cloudfront.net
Software
/
Resource Hash
cf15467d3e2b0a260dd0075fd0c234947455ecc684fede410b014bb5eb59e10d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:18:59 GMT
content-encoding
gzip
age
585
x-amzn-requestid
0b560a7f-3f8b-4b05-b601-14b07fb52647
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cache-control
private, max-age=600
x-amzn-trace-id
Root=1-61778fc3-2764d69124e2731c0b25446c;Sampled=0
x-amz-cf-pop
FRA2-C1
x-amz-apigw-id
HzNmhEAQyQ0FvQw=
x-amz-cf-id
5sUaksBUxkFwsdVIN_ankI7RXjMjgPzMdfMxxq3DeGNdrWxRk6GNsw==
sync.html
cdn.aralego.net/ucfad/cookie/ Frame C377 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
4702
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdnWMQR8nmyvrJDuoV4oQedb%2BVX9HLAxFguAh90qxhtcE7I7E9reG1aLKJWYWHsGqtJChoLuLqDetyxVY6Vu7P2h5Dib6miwjBhAjzyaHYXSW4S1hZkdEi0lbb9ZD%2F0sDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a4148704a744138-PRG
content-encoding
br
analytics.js
www.google-analytics.com/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
5258
date
Tue, 26 Oct 2021 04:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Tue, 26 Oct 2021 06:01:06 GMT
moat-tracker.js
player.ivideosmart.com/ivsplayer/v4/dist/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/assets/moat-tracker.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 05:28:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA6-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
787
Last-Modified
Fri, 15 Oct 2021 04:06:37 GMT
Server
AmazonS3
ETag
W/"e487166610c7a5ecb4bb060d5a795b49"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
BfXZBBBxBHCdF5bOa_DpqheOOP8tm4dnS0tEpZArHotlDGPFXEv80A==
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		131 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a333384462c0747d7c2cdb7504053fc25bd568427e6dfe9cd9d9b05b908aa18a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31310
x-jsd-version
1.210.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19176-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"20a44-cAsv4kEehgu5uoLbbnnQFxLnwLM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a414870381d410d-PRG
vtt.min.js
cdn.jsdelivr.net/npm/videojs-vtt.js@0.15.3/dist/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-vtt.js@0.15.3/dist/vtt.min.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37fb546f8426b457a1ad6fa0f6eef42a199837d34d79cd3c4df1162c2c19abd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31182
x-jsd-version
0.15.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19123-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"52b8-ZERYoLNRSfBtBHiszm8New/vvZs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a414870381f410d-PRG
hls.js@0.12.4
cdn.jsdelivr.net/npm/ 		247 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31267
x-jsd-version
0.12.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19124-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"3dcd4-US0fJerQjQ10uxkkIHnJSLvClac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a4148703821410d-PRG
2d81b656-7311
ivxplayer.ivideosmart.com/prod/widget/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ivxplayer.ivideosmart.com/prod/widget/2d81b656-7311?key=9bf432ece21ce680726a10bc9574ab67&playertype=IVSN&title=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&canonicalUrl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-13.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
30bace2a4efc20c4c38131eee9e2906bdde40b6714ab7534295230ca493bb434

Request headers

Accept
application/json
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
x-cache
Miss from cloudfront
pragma
no-cache
access-control-allow-origin
https://www.nst.com.my
etag
W/"306e-++eKod5BswS41cdBnD5lLbyCf8k"
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
private, no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
x-robots-tag
none
x-amz-cf-id
1bn0FT20KuMugTl9_t8se73d11eSSi2wL1axCaoRMT5mvZxAQxPVxw==
expires
0
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1
  • https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=96808471-361d-11ec-a063-1ee5b9e10306
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=96808471-361d-11ec-a063-1ee5b9e10306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Tue, 26 Oct 2021 05:28:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Tue, 26 Oct 2021 05:28:44 GMT
Server
nginx
Location
/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1&__user_check__=1&sync_id=96808471-361d-11ec-a063-1ee5b9e10306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
113
Connection
keep-alive
Content-Length
0
truncated
/ 		482 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fcb57eb9682bc01ed2a77c8bffe1a5f1c5ab42a20993c4b2e9b729755e3b628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		949 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed02212bdc9d93554d8645301fb1b7123480302e0492e770bb43c8e13e7b75b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f51166899f96e582bc10b3361c7452d1b54eb4be542b1ae61dc3c57c567c20e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		532 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80e112f302dc9e0e4167ec6030a7be016734cbddf0fbcb5bad8476b5290ec39f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
www.google.com/pagead/1p-conversion/845503338/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845503338/?random=1360627484&cv=9&fst=1635226124222&num=1&value=0&label=rqiqCNqRqtsCEOq2lZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/845503338/?random=1360627484&cv=9&fst=1635226124222&num=1&value=0&label=rqiqCNqRqtsCEOq2lZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/845503338/?random=1360627484&cv=9&fst=1635226124222&num=1&value=0&label=rqiqCNqRqtsCEOq2lZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&tiba=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&auid=967178468.1635226124&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DJJ3Yd_GHJKtgAeLm4KACQ&cid=CAQSKQCNIrLMulWgWb6yFhyAUTpFJfunAX6zERObSeczTzdHDdCR2fmBgSUe&eitems=ChEI8KvZiwYQo-KzneXrytuMARIdAAU0I5VP7M9mT-uPzRsBt8LOjphSG0v5EQPb7oo&random=3821253805&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/845503338/?random=1360627484&cv=9&fst=1635226124222&num=1&value=0&label=rqiqCNqRqtsCEOq2lZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&tiba=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&auid=967178468.1635226124&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DJJ3Yd_GHJKtgAeLm4KACQ&cid=CAQSKQCNIrLMulWgWb6yFhyAUTpFJfunAX6zERObSeczTzdHDdCR2fmBgSUe&eitems=ChEI8KvZiwYQo-KzneXrytuMARIdAAU0I5VP7M9mT-uPzRsBt8LOjphSG0v5EQPb7oo&random=3821253805&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
thumb_3e1c.jpg
images.says.com/uploads/story/cover_image/51965/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/51965/thumb_3e1c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c311f12f59910a0e295ef30baf0a06a558cf6c03537707c332f40d21f7f3ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
age
506
cf-polished
origFmt=jpeg, origSize=218304
x-guploader-uploadid
ADPycdt32sJ8HhBeB4myGTCCVOWcTyeKvcEtBoyZFjKULipBP0kev57wKX4f_6ATjvXCds6fA7z3TMkaS2cGDNFLJmo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="thumb_3e1c.webp"
content-type
image/webp
content-length
94066
last-modified
Tue, 26 Oct 2021 03:02:06 GMT
server
cloudflare
etag
"80d60c8d299b3316f475ccd2c4fb1af8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=F1TCYg==, md5=gNYMjSmbMxb0dczSxPsa+A==
x-goog-generation
1635217326269372
expires
Sun, 26 Oct 2031 17:28:44 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
218304
accept-ranges
bytes
cf-ray
6a4148711ab3f9de-PRG
cf-bgj
imgq:100,h2pri
thumb_9302.jpg
images.says.com/uploads/story/cover_image/43733/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/43733/thumb_9302.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e5e666649d948dfea9068869116af29cc9186d19d611496e395eeb410c2592

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
age
507
cf-polished
origFmt=jpeg, origSize=198532
x-guploader-uploadid
ADPycdvjKABwF2Yv1MoDzSDMCRqUpyHtV9vZ6LvcMKBCwMm4ynqUtl97l2_0H-fn6VhteqXgqfg7VvAO8gcsVJAX4pg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="thumb_9302.webp"
content-type
image/webp
content-length
123890
last-modified
Tue, 26 Oct 2021 04:51:26 GMT
server
cloudflare
etag
"71247c6342f148dd6da152fc26b40d2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=jM5KWw==, md5=cSR8Y0LxSN1toVL8JrQNLw==
x-goog-generation
1635223886249372
expires
Sun, 26 Oct 2031 17:28:44 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
198532
accept-ranges
bytes
cf-ray
6a4148711ab6f9de-PRG
cf-bgj
imgq:100,h2pri
thumb_20a9.jpg
images.says.com/uploads/story/cover_image/51967/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/51967/thumb_20a9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c509e7eb5026c7ae0327841927fc90695055c770dad4b41695209dd7582e96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
age
867
cf-polished
origFmt=jpeg, origSize=165262
x-guploader-uploadid
ADPycdufc2fCtF-D7dGib1UADKaPe4ZJEU5t9zx9nXqNPpY1fUP9z2bDxXufeozQQH-LwXQYJhTsIRch6qCctO7NTt4uqyHOLQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="thumb_20a9.webp"
content-type
image/webp
content-length
74122
last-modified
Tue, 26 Oct 2021 03:39:11 GMT
server
cloudflare
etag
"245ec6c706704a8eb281d67245751a08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=6ObjjA==, md5=JF7GxwZwSo6ygdZyRXUaCA==
x-goog-generation
1635219551091907
expires
Sun, 26 Oct 2031 17:28:44 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
165262
accept-ranges
bytes
cf-ray
6a4148711ab9f9de-PRG
cf-bgj
imgq:100,h2pri
thumb_3159.png
images.says.com/uploads/story/cover_image/51968/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/51968/thumb_3159.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827aeb41ea8092f1806ef3d4de3b2fc9cd60b5db524dc1186d6f662ca9a7e7d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
age
4091
cf-polished
origFmt=png, origSize=279602
x-guploader-uploadid
ADPycdumKjBD2PnDZqdDMFopPWSeG_ihjMmc3GZU1E32Eg9qWuQS2bI83ui5Pxi76je-72IcrgE4w9vcC5ya2bzSBYI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="thumb_3159.webp"
content-type
image/webp
content-length
167306
last-modified
Tue, 26 Oct 2021 03:02:08 GMT
server
cloudflare
etag
"0aa65823cbb2febac688b0877a23ff1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=z8N3Hg==, md5=CqZYI8uy/rrGiLCHeiP/Hw==
x-goog-generation
1635217328168560
expires
Sun, 26 Oct 2031 17:28:44 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
279602
accept-ranges
bytes
cf-ray
6a4148711abbf9de-PRG
cf-bgj
imgq:100,h2pri
thumb_2008.png
images.says.com/uploads/story/cover_image/51970/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/51970/thumb_2008.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65bbe2421e8490072159f5e96fc4c192a16fdf907a6f6f96a6046eb5ea10d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:44 GMT
cf-cache-status
HIT
age
4091
cf-polished
origFmt=png, origSize=317754
x-guploader-uploadid
ADPycdtu7NxTAatdy6dT4NAaGDMT1vYgh7GrNxUrPl2fiCj_LGHt4XxbuGhL-W6dmVTzo5B2a5wIbzfEechqz6WzQVALp1aR_w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="thumb_2008.webp"
content-type
image/webp
content-length
206518
last-modified
Tue, 26 Oct 2021 03:16:47 GMT
server
cloudflare
etag
"425e0819be7e283265eb32f87a1ecd57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=rOReWQ==, md5=Ql4IGb5+KDJl6zL4eh7NVw==
x-goog-generation
1635218207089152
expires
Sun, 26 Oct 2031 17:28:44 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
317754
accept-ranges
bytes
cf-ray
6a4148711ab7f9de-PRG
cf-bgj
imgq:100,h2pri
ga-audiences
www.google.com/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-1357345-6&cid=2023701743.1635226124&jid=699460980&_u=aHBAgQAjAAAAAE~&z=629887574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,500i|Roboto:400,400i,500,500i,700,700i&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nst.com.my
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 08:58:25 GMT
x-content-type-options
nosniff
age
333019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 08:58:25 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=629848678&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ul=en-us&de=UTF-8&dt=Russian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HDAiUAjBAAAAE~&jid=&gjid=&cid=2023701743.1635226124&tid=UA-1357345-6&_gid=1851048285.1635226124&gtm=GTM-TF3NG6&cd2=n%2Fa&cd4=not%20logged%20in&cd5=no&cd6=n%2Fa&cd7=editorial&cd8=AFP&cd9=n%2Fa&cd11=n%2Fa&cd13=2021-10-26&cd14=09%3A21%3A59%2B08%3A00&cd15=455&cd16=world&cd17=2023701743.1635226124&cd18=1635226124752.akyxyda8&cd19=2021-10-26T05%3A28%3A44.752%2B00%3A00&cd20=article&cd30=n%2Fa&cd32=n%2Fa&cd33=US%2C%20Russia%2C%20it%2C%20april%2C%20Washington%2C%20espionage%2C%20Microsoft%2C%20300%2C%20Moscow%2C%20hacking%2C%20hack%2C%20Tom%20Burt%2C%20xnstp%2C%20Dan%20Ives%2C%20Burt%2C%20MSTIC%2C%20Threat%20Intelligence%20Center%2C%20000-strong&cd35=2023701743.1635226124&cm2=1&z=2141362376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 07:47:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78052
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2023701743.1635226124
mpdrec.nstp.com.my/articles/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		24 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503576&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223e4da0a2ac0a41%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224e0d19c6cab402%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503576%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b7ef7497d2d27a0884f3eedf383f2144a734ea0c8fb0a8ae1798b62990495fcd

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.217], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nst.com.my
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 26 Oct 2021 05:28:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2b095de2-5132-47a2-9242-c7d7dd048f90
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		860 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
cd842109bb80029dd1cf8231b73444120478d211da502d9a23e3f3e5139920b1

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b13%3b121
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
arj
mediaprima-d.openx.net/w/1.0/ 		173 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b9fd43ed-5b50-4b38-ad0e-1d34655eac70&nocache=1635226124810&pubcid=41039164-7947-4ff4-875b-f90298ae5a0d&aus=728x90&divIds=div-gpt-ad-1397706490709-0&auid=543531554
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
b005a277a69f1f133d71be508aa8509685d06fb0783aeab37e33895108731218

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nst.com.my
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503577&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213cf776c997344%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22146f1459c7d7ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503577%22%2C%22sid%22%3A%223%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6fa6ed9d3aec30cb607f4fee66144d2d3192124d3a6722367ee11c128fed8c89

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.217], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nst.com.my
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 26 Oct 2021 05:28:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
mediaprima-d.openx.net/w/1.0/ 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fe3ed0b7-dc02-4de2-8a4e-45494d7962e9&nocache=1635226124819&pubcid=41039164-7947-4ff4-875b-f90298ae5a0d&aus=300x250&divIds=div-gpt-ad-1397706555683-0&auid=543531557
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
f899ff7b79b09d5aac742b446aa8be019cd687e3781f76be8030a01cc567081d

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nst.com.my
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
eeb3219b-2599-4636-8a4e-dafee7005aa6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		752 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
1bb5f107c579ed9e47a5c25bc7bfc9cf4ef97e11e652b43a720711a2c3d69378

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:44 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b9%3b76
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3acd1a14-3bad-4c71-99b5-87efc59b166b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
mediaprima-d.openx.net/w/1.0/ 		172 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ff5dc52d-51f8-4aab-b6f3-bdc170f81523&nocache=1635226124829&pubcid=41039164-7947-4ff4-875b-f90298ae5a0d&aus=300x250&divIds=div-gpt-ad-1397706611337-0&auid=543531560
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
b1290b86b3cc26df40a5317afa35187b41827af9330879ffca0f727f12321a7c

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nst.com.my
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		917 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e0e83c5616ed511922ad60ab6c29720d0bb8b7325c08e745b1cfdfb2e82153c2

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b8%3b77
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503578&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22291092bf3d3a365%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22302f8a6b46813b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503578%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69bb700117e1c4431a95eaf1d70411b17453e9cb35242d9da0254a877f4c1281

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.217], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nst.com.my
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 26 Oct 2021 05:28:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1635226124897&sessionId=06141495-dcc1-51d4-9a29-06af726ecdc8&url=www.nst.com.my&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
fe3842803de331d2f57f9b3208ae1593
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&idx=0&rand=7660&key=NANOWDGT01&widgetJSId=GS_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=06141495-dcc1-51d4-9a29-06af726ecdc8&fdu=www.nst.com.my&px=200&py=2136&vpd=936&cw=795&settings=true&recs=true&version=2000484&sig=UNbHZdaW&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
adfb79a26803aedc9e5880eed1c452c32ab63a237614d1d6c5c10b1527ef856c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.56
x-cache-hits
0, 0
x-traceid
1bdcdb1d231b1a0e4ae03a2b16c43ac9
content-encoding
gzip
content-length
13915
x-served-by
cache-lga21956-LGA, cache-hhn4067-HHN
x-timer
S1635226125.143019,VS0,VE206
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
worker-new.html
newstraitstimesmalaysia.api.useinsider.com/ Frame 676A 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newstraitstimesmalaysia.api.useinsider.com/worker-new.html
Requested by
Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.171.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
newstraitstimesmalaysia.api.useinsider.com
:scheme
https
:path
/worker-new.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-type
text/html
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 04:00:44 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4093
expires
Thu, 11 Nov 2021 05:28:45 GMT
cache-control
public, max-age=1382400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a4148731e584114-PRG
content-encoding
br
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
283031649327915
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/283031649327915?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
e83ef45650ff1cf64961dceea45696d656b412d8f1885fccccb5e4925d1a5fe1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
QCRCJihtl5dmRpMfUcKKwCzs4ieqsTV8792rZJ+Zv/8bBCr5qx1zNO7NsI6nSzjEE5B23Tx8ekdKoYMd15IeyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 26 Oct 2021 05:28:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=404165573531277&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&rl=&if=false&ts=1635226125159&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.2.1635226125156.314776689&it=1635226124129&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 26 Oct 2021 05:28:45 GMT
erdo24_NSTfield_image_listing_featured_v2.var_1635224066.jpg
assets.nst.com.my/images/articles/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/erdo24_NSTfield_image_listing_featured_v2.var_1635224066.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c805049772d7a07272b57fe9dd27b4ff5e5cca40a3b6ff0295ddeb5aa8a45bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
1868
cf-polished
qual=85, origFmt=jpeg, origSize=64326
x-guploader-uploadid
ADPycdvKvoLUIWBruO0YfDckmp0rbF6Pc5gKbHE1498OolOhWGPcrsrHEEj_pxrs7ag6upDKOMcFxYP-bh3AnaOhbnk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="erdo24_NSTfield_image_listing_featured_v2.webp"
content-length
25686
cf-ray
6a414873e8bff9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Tue, 26 Oct 2021 04:54:26 GMT
server
cloudflare
etag
"3581378f2aea9bdcdb719857379eb158"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=2sycXA==, md5=NYE3jyrqm9zbcZhXN56xWA==
x-goog-generation
1635224066439493
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
64326
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
erdo10_NSTfield_image_listing_featured_v2.var_1635215166.jpg
assets.nst.com.my/images/articles/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/erdo10_NSTfield_image_listing_featured_v2.var_1635215166.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd0515fff09f54086050f9300c9a25d154b83af457a37e33688e905745e986b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
4089
cf-polished
qual=85, origFmt=jpeg, origSize=104506
x-guploader-uploadid
ADPycds7lEl0GN348NGjeN_5_lzcXcqF061puz1HK_MznpE5_GpHl44JxdH5WN5_FXqj830KLNbcJSJV_rm0PWwiH9GI4R7RuA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="erdo10_NSTfield_image_listing_featured_v2.webp"
content-length
56486
cf-ray
6a414873e8c1f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Tue, 26 Oct 2021 02:26:14 GMT
server
cloudflare
etag
"fd98c1b2f64f9f2dc0356fa1a495383e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=0GpTOA==, md5=/ZjBsvZPny3ANW+hpJU4Pg==
x-goog-generation
1635215174937239
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
104506
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
kelantanVaxx241021_NSTfield_image_listing_featured_v2.var_1635065692.jpg
assets.nst.com.my/images/articles/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/kelantanVaxx241021_NSTfield_image_listing_featured_v2.var_1635065692.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb6dbf3c8d424f3197bada989796b249ce027faf265261581e4cfd543f93600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
156349
cf-polished
qual=85, origFmt=jpeg, origSize=88626
x-guploader-uploadid
ADPycdtHzrqN3Ht4YrG4bCBZlEZdQ5XQ6dyKXh27mm1JITiqVwA01PVYLvvdTUlV8hg_BZN_HUtEyEYTpb2sbVi0I40
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="kelantanVaxx241021_NSTfield_image_listing_featured_v2.webp"
content-length
43572
cf-ray
6a414873e8c2f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Sun, 24 Oct 2021 08:54:52 GMT
server
cloudflare
etag
"ab2907873298e78ce9cbf93d4c82c3e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=wDUR/g==, md5=qykHhzKY54zpy/k9TILD4Q==
x-goog-generation
1635065692751549
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
88626
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
sabah241021_NSTfield_image_listing_featured_v2.var_1635063211.jpg
assets.nst.com.my/images/articles/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/sabah241021_NSTfield_image_listing_featured_v2.var_1635063211.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8795ef8355b65a92168f864d5bbd589b08e7472c0e9eca4b250acd91d0a858f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
156349
cf-polished
qual=85, origFmt=jpeg, origSize=55383
x-guploader-uploadid
ADPycdvkzTevOoy1ihxU-FTS-jWTSioxO2YL69w6tpDbmQw35V6Cpnl0v8dusUGwNar4Yo04p8cj2badRViDKE-2nwE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="sabah241021_NSTfield_image_listing_featured_v2.webp"
content-length
32000
cf-ray
6a414873e8c3f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Sun, 24 Oct 2021 08:13:31 GMT
server
cloudflare
etag
"522e7cd7bf7bad3213a61758524ee96b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=ioPPHQ==, md5=Ui581797rTITphdYUk7paw==
x-goog-generation
1635063211553076
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
55383
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
SelVax241021_NSTfield_image_listing_featured_v2.var_1635060949.jpg
assets.nst.com.my/images/articles/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/SelVax241021_NSTfield_image_listing_featured_v2.var_1635060949.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200b50d88a2a44f1b44b3b3bbd0cbd996fa4d3b7f618c058c566526a5f20e707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
164641
cf-polished
qual=85, origFmt=jpeg, origSize=175813
x-guploader-uploadid
ADPycdsSWtQTfp-ox7Uab1ydsGemetbaKyBEdQ7qYvgoETY3YaAMrwfEZm8nM6LWCBqAT0cik2NDV3hGT9aFgv1WD2A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="SelVax241021_NSTfield_image_listing_featured_v2.webp"
content-length
71912
cf-ray
6a414873e8c4f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Sun, 24 Oct 2021 07:35:49 GMT
server
cloudflare
etag
"0ffac397708fecb824bf9b180715acf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=cTXoCA==, md5=D/rDl3CP7Lgkv5sYBxWs9g==
x-goog-generation
1635060949652128
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
175813
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
vaccine241021_NSTfield_image_listing_featured_v2.var_1635041165.jpg
assets.nst.com.my/images/articles/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/vaccine241021_NSTfield_image_listing_featured_v2.var_1635041165.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68c032c34622727351e76727fa64f8aee23b90b8924a2ab8cb5fa73a9fba1cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
164641
cf-polished
qual=85, origFmt=jpeg, origSize=74679
x-guploader-uploadid
ADPycdvy2efLD-IEFYOZaK8WJII6odeJs-3iKIGTMIw0Pje3E4L4fQDd4uMiKAnT2ntRkzQtoKnyXCWIiDBjSHfUNd8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="vaccine241021_NSTfield_image_listing_featured_v2.webp"
content-length
56624
cf-ray
6a414873e8c5f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Sun, 24 Oct 2021 02:06:20 GMT
server
cloudflare
etag
"35cfca41909cd8b4fbfbf5f80f1131af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=Z+4JhQ==, md5=Nc/KQZCc2LT7+/X4DxExrw==
x-goog-generation
1635041180843271
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
74679
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
10350a44-124f-45d1-812d-b7670bfc86bc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		976 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
aac0a35ab89f973a07523687c4adb7cc0842453537ca651dc77fdd08b0f172e6

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b13%3b88
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
00be0a29-de3e-4628-adab-b5d2913adef3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
mediaprima-d.openx.net/w/1.0/ 		173 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b02567a7-4095-46de-ba29-7d116651a9c3&nocache=1635226125237&pubcid=41039164-7947-4ff4-875b-f90298ae5a0d&aus=970x250%2C970x90%2C728x90&divIds=div-gpt-ad-1397706669649-0&auid=543531569
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
1ec4ebbd64514a58c9f89f8dabeadd5f79d2839c054ee325ec5b2f264c404907

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nst.com.my
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
166
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		662 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
1ceb4793aace2aa50366c235aee789749d7212e0e3b39616893fe4c55f44d9e4

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b16%3b44
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
726efa22-84f0-474b-ad2e-4c8bdd0a70fe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503581&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2253c1eb591616a01%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22543ac7aaa233e08%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503581%22%2C%22sid%22%3A%227%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255fb3b50002fbc5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503581%22%2C%22sid%22%3A%227%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2256968986aeea399%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503581%22%2C%22sid%22%3A%227%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
993045a931944bc733d47a35ad05beb326d03bd5b821476925993d85ae4d6883

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.217], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nst.com.my
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 26 Oct 2021 05:28:45 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nst.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=3201911844468868&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_300x250_b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong%26pwtsid_pubmatic%3D452e5b8c7415293%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1635226125&dt=1635226125272&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=1055&adys=637&adks=473888136&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=405x2000&msz=300x0&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
c0670a1c73e650c4dc1b521e54081021efaeb3d57ca0283b3a1e8989883ccfa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17379
x-xss-protection
0
google-lineitem-id
5338833285
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307800135
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 05:28:45 GMT
expires
Wed, 26 Oct 2022 05:28:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=990795144724857&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_Outofpage&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong%26pwtsid_pubmatic%3D445d4f07fda06c3%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1635226125&dt=1635226125294&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=1200&adks=1105507469&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1200&msz=0x0&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=128&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ed0d99d45018b58a8210d98eb679d0c54d7722604ef6a1eb594ed5430df6ccec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2443
x-xss-protection
0
google-lineitem-id
5139780693
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339062543
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=1289091268861521&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_728x90_b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong%26pwtsid_pubmatic%3D460b2f8dd29f7a%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1635226125&dt=1635226125308&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=234&adys=2104&adks=2328019530&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=795x1880&msz=728x-1&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=128&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
d933a2cea24a2cbfa1c749c127db4f222a425463fbaf8f6fdd24c5a3a2fc3c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17897
x-xss-protection
0
google-lineitem-id
5340011408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307786205
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
location.api.useinsider.com/ 		254 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://location.api.useinsider.com/?v=2&pId=10001457&
Requested by
Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.168.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68353ac443f78deb984d00996402bda635485ccca37bad66f8b84f91ab50ce84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
6a4148755c87411a-PRG
content-type
application/json
163522612533673389992bc.aa715a1d
segment.api.useinsider.com/v4/segments/ 		927 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment.api.useinsider.com/v4/segments/163522612533673389992bc.aa715a1d?partnerid=10001457&fields=b655cfc098f61bf66cf3bae39bbd05f1,505b61fce79423aad29be4c04f16eb4e&
Requested by
Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.169.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794fd6e8fd3e9efba6728cbb7729e6245036343d96cc9241a747e4f1f6fa92c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
6a4148755c84411a-PRG
collect
log.api.useinsider.com/v2/ 		42 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5uc3QuY29tLm15L3dvcmxkL3dvcmxkLzIwMjEvMTAvNzM5NjI4L3J1c3NpYW4taGFja2Vycy1iZWhpbmQtZnJlc2gtdXMtY3liZXJhdHRhY2stbWljcm9zb2Z0IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3Lm5zdC5jb20ubXkvd29ybGQvd29ybGQvMjAyMS8xMC83Mzk2MjgvcnVzc2lhbi1oYWNrZXJzLWJlaGluZC1mcmVzaC11cy1jeWJlcmF0dGFjay1taWNyb3NvZnQiLCJ1c2VySWQiOiIxNjM1MjI2MTI1MzM2NzMzODk5OTJiYy5hYTcxNWExZCIsInBsYXRmb3JtIjoid2ViIiwiY3VzdG9tU2VnbWVudElkIjoxOCwibG9nVHlwZSI6ImltcHJlc3Npb24ifQ%3D%3D&t=cs&pn=newstraitstimesmalaysia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.171.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6a414874e81a4114-PRG
content-length
42
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4E08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nst.com.my/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 26 Oct 2021 05:28:45 GMT
Age
1301
X-Served-By
cache-lga21933-LGA, cache-hhn4071-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 22690
X-Timer
S1635226126.654680,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3908 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=50926
expires
Tue, 26 Oct 2021 19:37:31 GMT
date
Tue, 26 Oct 2021 05:28:45 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 66BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nst.com.my/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 26 Oct 2021 05:28:45 GMT
Age
1301
X-Served-By
cache-lga21933-LGA, cache-hhn4034-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 22343
X-Timer
S1635226126.656416,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame ACEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nst.com.my/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 26 Oct 2021 05:28:45 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame E82F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nst.com.my/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 26 Oct 2021 05:28:45 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 90F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
cookie
i=41039164-7947-4ff4-875b-f90298ae5a0d|1635226125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=41039164-7947-4ff4-875b-f90298ae5a0d|1635226125; Version=1; Expires=Wed, 26-Oct-2022 05:28:45 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1635226125|gekin0vNiygu; Version=1; Expires=Wed, 10-Nov-2021 05:28:45 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Oct 2021 05:28:45 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 39B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=50926
expires
Tue, 26 Oct 2021 19:37:31 GMT
date
Tue, 26 Oct 2021 05:28:45 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7B42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=50926
expires
Tue, 26 Oct 2021 19:37:31 GMT
date
Tue, 26 Oct 2021 05:28:45 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BA14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nst.com.my/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 26 Oct 2021 05:28:45 GMT
Age
1301
X-Served-By
cache-lga21933-LGA, cache-hhn4067-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 22533
X-Timer
S1635226126.654842,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame CCF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
cookie
i=41039164-7947-4ff4-875b-f90298ae5a0d|1635226125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=41039164-7947-4ff4-875b-f90298ae5a0d|1635226125; Version=1; Expires=Wed, 26-Oct-2022 05:28:45 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1635226125|gekin0vNiygu; Version=1; Expires=Wed, 10-Nov-2021 05:28:45 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Oct 2021 05:28:45 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 05F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=50926
expires
Tue, 26 Oct 2021 19:37:31 GMT
date
Tue, 26 Oct 2021 05:28:45 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 2E01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=535b807e-a2d6-4c96-90c9-88f2121114ef&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
cookie
i=41039164-7947-4ff4-875b-f90298ae5a0d|1635226125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=41039164-7947-4ff4-875b-f90298ae5a0d|1635226125; Version=1; Expires=Wed, 26-Oct-2022 05:28:45 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1635226125|gekin0vNiygu; Version=1; Expires=Wed, 10-Nov-2021 05:28:45 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Oct 2021 05:28:45 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 9F44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nst.com.my/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 26 Oct 2021 05:28:45 GMT
Connection
keep-alive
collect
f.clarity.ms/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:46 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
idsync
sync.aralego.com/ Frame C377 		0
0
wtgirl2610_NSTfield_image_listing_featured_v2.var_1635223174.jpg
assets.nst.com.my/images/articles/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/wtgirl2610_NSTfield_image_listing_featured_v2.var_1635223174.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff29c8b43098b8cc4ad6ec2f1c90eb705bb73beb780b3621dee7bc91b684281f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
2061
cf-polished
qual=85, origFmt=jpeg, origSize=256455
x-guploader-uploadid
ADPycdudKadmxAAPaWuKmI03fPYMPxvPKraa-atyiWrpIf-jXzA-LDWqoYGfmxOUXlM4co7pMsbuoIn_gnFL9FKHwE0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="wtgirl2610_NSTfield_image_listing_featured_v2.webp"
content-length
58160
cf-ray
6a4148757a4ff9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Tue, 26 Oct 2021 04:39:36 GMT
server
cloudflare
etag
"c095be52065d23898d4b972e2fa4bbb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=0fOGlw==, md5=wJW+UgZdI4mNS5cuL6S7sA==
x-goog-generation
1635223176474918
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
256455
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
meben26_NSTfield_image_listing_featured_v2.var_1635212503.jpg
assets.nst.com.my/images/articles/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/meben26_NSTfield_image_listing_featured_v2.var_1635212503.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200d53517adf1ab1f6e29e336151289561a233c1d07c953b2ad2f715713bbb23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
4092
cf-polished
qual=85, origFmt=jpeg, origSize=53018
x-guploader-uploadid
ADPycdtVD-XFidfCHLTsqd8kY0MkLXPZi2CsWXUkL3n9unrWaj6RzTuWIK9WXqY4rctEOGu7W-SwJ2hu5cjEGJlDbSg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="meben26_NSTfield_image_listing_featured_v2.webp"
content-length
43680
cf-ray
6a4148757a58f9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Tue, 26 Oct 2021 01:41:44 GMT
server
cloudflare
etag
"1d7eb3a58a3e0e208941b51f9cb330d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=TLS7SQ==, md5=HX6zpYo+DiCJQbUfnLMw1A==
x-goog-generation
1635212504910675
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
53018
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
Alarm_Sudan-MS2510_NSTfield_image_listing_featured_v2.var_1635166723.jpg
assets.nst.com.my/images/articles/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/Alarm_Sudan-MS2510_NSTfield_image_listing_featured_v2.var_1635166723.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d54f1bb0e7bb7f7a8d5a4ed048cfb8fac028077d537660033f67c99c3ec7f8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
55631
cf-polished
origSize=92391, status=webp_bigger
x-guploader-uploadid
ADPycdt5QRa_J-G0FZjWd7wB8aMQrO1ZQj1qWEI7nKmAXxjmyeIE9cUM2m16qPHP7f_42-9PEWM63txon5lgD28AhmKuLRewwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
86768
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Mon, 25 Oct 2021 12:58:45 GMT
server
cloudflare
etag
"7124cf4413cfcb97c2c75899b3787cd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=DLaKvw==, md5=cSTPRBPPy5fCx1iZs3h80A==
x-goog-generation
1635166725840499
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
92391
accept-ranges
bytes
cf-ray
6a4148757a59f9d6-PRG
cf-bgj
imgq:85,h2pri
wtnajib2510_NSTfield_image_listing_featured_v2.var_1635155087.jpg
assets.nst.com.my/images/articles/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/wtnajib2510_NSTfield_image_listing_featured_v2.var_1635155087.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d63100ed4bbce728893122b768e7ab006f4a415d8001731899bbf8c0ddea2b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
68443
cf-polished
qual=85, origFmt=jpeg, origSize=363927
x-guploader-uploadid
ADPycdsbXlkvJ4nGOOlPXP3vM6mO0M-HBzGTy8GmdNftnhHktess2RCpyTUqC1Yzp4PczST-bRAQGnljuVdxZj_o9acFtIxGtA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="wtnajib2510_NSTfield_image_listing_featured_v2.webp"
content-length
75210
cf-ray
6a4148757a5af9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Mon, 25 Oct 2021 09:44:47 GMT
server
cloudflare
etag
"5220070fc5ca141d5d3baafef853b416"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=KgZUDA==, md5=UiAHD8XKFB1dO6r++FO0Fg==
x-goog-generation
1635155087924415
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
363927
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
Magnum251021_NSTfield_image_listing_featured_v2.var_1635157723.jpg
assets.nst.com.my/images/articles/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/Magnum251021_NSTfield_image_listing_featured_v2.var_1635157723.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2cfccaad64e8d3a7c431218b2924a433c08b3a89f8d003d49da62e8d078c0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
HIT
age
66675
cf-polished
qual=85, origFmt=jpeg, origSize=30532
x-guploader-uploadid
ADPycdsvOvYR5clHTEDJ683nFYLhKcV7pFG1bizRQ1icWt-X1ev1W90CbKFq8BbqzRaO9mIdsamJqQZqOfToUsf_QNc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="Magnum251021_NSTfield_image_listing_featured_v2.webp"
content-length
8152
cf-ray
6a4148757a5bf9d6-PRG
expires
Tue, 26 Oct 2021 06:28:45 GMT
last-modified
Mon, 25 Oct 2021 10:28:43 GMT
server
cloudflare
etag
"7f4a1f31cc60ed699bc3e71080b23374"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=HzmJuQ==, md5=f0ofMcxg7Wmbw+cQgLIzdA==
x-goog-generation
1635157723635729
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
30532
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1635226125472&sessionId=06141495-dcc1-51d4-9a29-06af726ecdc8&url=www.nst.com.my&cheqSource=1&cheqEvent=2&responseTime=1275
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:45 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c3e904e0d40732296e88d6a9e98b08a9
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001369ebc537ec4688999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163342775a98d5037af473abf8d4e24a5da15bcaf46caa708d3e9a14970f32d3724fa0481a5533ce572eb6c7dbad39bb22aa45cc6d975e7073a7d73c695c23078361828d51f6002ce8e2f162112f4583d45579cf9f591d2d5a72011bbff55404007bb8ea1520d7fee559c5b3002d043cd8fee7cbc522a1d4dd44eb48985d3965d3ee99a59565c68da03288360dd6e7ca2a0a0ae5233ae9821e76bc8bf3278d03ae40e48549c64fcdca78cd6c6190ca24d86491d1ecf08abdb64d38ea3df3fea37d433eaed53792b411b7404602d6095a82d5d5cec5a88334927ad399b1d22cef2e2132d23865d48381406788a866be14ab9f5c803bae704d075bd77baa00ccc9a832ad8a28c91aaadf8e8b34c30a1620a80f4f072e1333d7bb72a54ed7c0c82ea69f6cfa803d9582eef47683b6a85b767999e31153caf8084102f3fce122e06bc9b141b2b97df023e36ec317c608c5fc69d51026f8bcd0336e7c3f5d38015d0bb8a3d07ed869b6594d412fe4b74cd6841b09f6a4dcbbbf70dfebe4fd9ae5a9f14f5321f84186aa446883410807c5304f7b7e820ebd6a0b90f9cb629672927499a128d1aa4ecc39497462712356c284bd856b695fde5a00c0cfcbf8f0d85905d3&cb=1635226125472&cri=qZoslj3QbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:45 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/tiny-slider.css
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3856414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ufdstgLwdQb5gBBrc5wQHeAwuRG%2BO24kZ7%2Fit4QJgoeJBIoUKNe0sAypwVj4wkwuUsORfMg3gffbo4xmlEricA1SIusftrtwP5q2FpA7PyjRFjxTwyfUsGoCGPpvjfUnmp4YBN%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4148760ddf27c0-PRG
expires
Sun, 16 Oct 2022 05:28:45 GMT
tiny-slider.js
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
470691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11404
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-7bfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzCFqwGnM5Vt0j4rPPu7jD6oXfUhjAGm5RLkeajvAXxeNTrd6GJkDzKykJYL1GlEnSk5SZgduTqqj2YhKm6aboXQDBlBA8UYgYDixZ1BMYMfp%2Fa3d7OyQI2hJvtcwcb3WfRn01oA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4148760de227c0-PRG
expires
Sun, 16 Oct 2022 05:28:45 GMT
pageLoad
p-events.ivideosmart.com/prod/v1/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p-events.ivideosmart.com/prod/v1/pageLoad?clientCity=Nov%C3%A9%20Mesto%20nad%20V%C3%A1hom&clientConnType=Corporate&clientCountry=SK&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=KeepItSafe%2C%20Inc&containerID=ivsplayer01&cpID=3001495&cpName=New%20Straits%20Times&device=others&domainAppName=www.nst.com.my&engVersion=0&eventAction=pageLoad&eventPlayhead=0&eventStarted=mute&eventTime=969&isOutstream=0&pageArticleID=84009314b104f76c5825cbac6729525e&pageID=1635226124537-6d7690f5a6231&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.84.3&productID=2d81b656-7311&productName=IVSN&referrer=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&spID=3001496&spName=New%20Straits%20Times&videoDuration=30&videoID=1782838&videoPlayedDuration=0&videoRequestId=1635226124589-2c04a504c75c8&videoTitle=Petra%20Jaya%20Hospital%20expected%20to%20begin%20operations%20in%202024&videoType=ivideostream&__token__=st=1635226125~exp=1635233325~acl=/*~id=0eqdad7c7brf~hmac=625ae2b5b216844ec215687f457bd3e300789eae14f5dd7c9844f3e1fbbaf4aa
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto
http
Akamai-Mon-Iucid-Del
1190329
CDN-Origin-Protocol
HTTP
Content-Length
0
Content-Type
application/json
playerViewable
p-events.ivideosmart.com/prod/v1/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p-events.ivideosmart.com/prod/v1/playerViewable?clientCity=Nov%C3%A9%20Mesto%20nad%20V%C3%A1hom&clientConnType=Corporate&clientCountry=SK&clientGroup=000&clientID=00000000-0000-0000-0000-000000000000&clientIsp=KeepItSafe%2C%20Inc&containerID=ivsplayer01&cpID=3001495&cpName=New%20Straits%20Times&device=others&domainAppName=www.nst.com.my&engVersion=0&eventAction=playerViewable&eventPlayhead=0&eventStarted=mute&eventTime=971&isOutstream=0&pageArticleID=84009314b104f76c5825cbac6729525e&pageID=1635226124537-6d7690f5a6231&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.84.3&productID=2d81b656-7311&productName=IVSN&referrer=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&spID=3001496&spName=New%20Straits%20Times&videoDuration=30&videoID=1782838&videoPlayedDuration=0&videoRequestId=1635226124589-2c04a504c75c8&videoTitle=Petra%20Jaya%20Hospital%20expected%20to%20begin%20operations%20in%202024&videoType=ivideostream&__token__=st=1635226125~exp=1635233325~acl=/*~id=0eqdad7c7brf~hmac=625ae2b5b216844ec215687f457bd3e300789eae14f5dd7c9844f3e1fbbaf4aa
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto
http
Akamai-Mon-Iucid-Del
1190329
CDN-Origin-Protocol
HTTP
Content-Length
0
Content-Type
application/json
truncated
/ 		540 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd5a327cacc6d55aaf0fbd27f6c312e0dfeac90d75c625ef085d0b7cf076886c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		813 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
828e2359ff39cad670818dd76a29609e0f30f217b6b59a58094328cf67d1c59f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=2503072060721882&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong%26pwtsid_pubmatic%3D47ffc2905b2b815%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1635226125&dt=1635226125646&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=152&adks=1728226594&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=405x2627&msz=300x0&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
44f46c8b13ee24c473d9c9605a1df324cbbf26eb47625ca34d7bb8ed8560da37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8962
x-xss-protection
0
google-lineitem-id
5818772300
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368888335
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit
hit.api.useinsider.com/ 		16 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: newstraitstimesmalaysia.api.useinsider.com
URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.169.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
583c482d-beab-46bf-a838-4f8b686c9b43
cf-ray
6a4148770e56411a-PRG
content-length
16
vodus-mp.js
api.vodus.com/cc/scripts/ 		2 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/cc/scripts/vodus-mp.js?v=1635226125764
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5224e0d0f42b4b7b5157aea952edca48312aed15ccef397b4c731dbdc0e75c54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:45 GMT
content-encoding
gzip
etag
"1d7c3234636f8cd"
last-modified
Sun, 17 Oct 2021 06:50:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
916
v1
prg.smartadserver.com/prebid/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
298b3071e789b3d36913814f319e6a973fcb6ef5dcd0514b135727a6c3d171cb

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b16%3b84
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
arj
mediaprima-d.openx.net/w/1.0/ 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=28adc7eb-1432-4e2e-8446-6c2e99ea0ba7&nocache=1635226125891&pubcid=41039164-7947-4ff4-875b-f90298ae5a0d&aus=300x250%2C300x600&divIds=div-gpt-ad-1497838820026-0&auid=543531563
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
8e092967f74b579ae1700b233cd0900c3c728360179dfbcc16cff9e9201e9cab

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nst.com.my
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503579&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2261833bd7a9604d6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2262ee64329d435a2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503579%22%2C%22sid%22%3A%225%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22634c93f643984bc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503579%22%2C%22sid%22%3A%225%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0e47ef0aee38750e68139747cf5e05d9f48d501bdccee58da9dd0831b026182

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.217], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nst.com.my
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 26 Oct 2021 05:28:46 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:46 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
582adff2-4102-413b-aabb-69771bc6e2b1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge3.486.2_en.html
imasdk.googleapis.com/js/core/ Frame F818 		0
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Oct 2021 05:28:46 GMT
default-hotspots.js
player.ivideosmart.com/ivshotspots/js/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivshotspots/js/default-hotspots.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9ac442b673ba2d232f592393f82260ece7d59a4105aab8894586cfedbdb340ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 05:28:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR61-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
10806
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Tue, 21 Sep 2021 09:40:54 GMT
Server
AmazonS3
ETag
W/"3b1c936b69d69f0174ccc87f29308378"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
K9Vs-_-BMPZaE8Y80CC-kJLRH-DJgV6ScN3KV8mE3S7hm5rE9ezP1Q==
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&page-ref=&charset=utf-8&brows...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&page-ref&charset=utf-8&brow...
167 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A8729165474%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A660572560%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Ast%3A1635226126&t=gdpr%2814%29ti%282%29
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
b673444dccaee520d7ac885452590d06ecabaf158188308c8a6bd44f4ee8ac86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 26-Oct-2021 05:28:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Tue, 26-Oct-2021 05:28:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
last-modified
Tue, 26-Oct-2021 05:28:46 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A8729165474%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A660572560%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Ast%3A1635226126&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.nst.com.my
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 26-Oct-2021 05:28:46 GMT
1
mc.yandex.ru/watch/49007009/
Redirect Chain
  • https://mc.yandex.ru/watch/49007009?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browser-...
  • https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browse...
350 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A294707275812%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A528232888%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635226126%3At%3ARussian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&t=gdpr%2814%29ti%282%29
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
f83e10a26b56cd40a0d1329b2129e6ac391d69982444cd6edbff8adce2643784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 26-Oct-2021 05:28:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Tue, 26-Oct-2021 05:28:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
last-modified
Tue, 26-Oct-2021 05:28:46 GMT
location
/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afp%3A1048%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A294707275812%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052845%3Aet%3A1635226126%3Ac%3A1%3Arn%3A528232888%3Arqn%3A1%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635226122394%3Ads%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C77%2C0%2C1171%2C1171%2C2%2C1049%3Adsn%3A18%2C37%2C809%2C75%2C0%2C0%2C%2C5%2C0%2C1170%2C1170%2C3%2C1049%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635226126%3At%3ARussian%20hackers%20behind%20fresh%20US%20cyberattack%3A%20Microsoft&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.nst.com.my
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 26-Oct-2021 05:28:46 GMT
3001495-1782838-720-master.m3u8
3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/ 		653 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/3001495-1782838-720-master.m3u8?Expires=1635233325&Key-Pair-Id=K2NBAOB0YS34PG&Signature=C9gwPSMQcjAA3TU6saztvz~BTdg5ENZVqPHi5ZrjJnV1A32sLa6YDrC2JHSUL7cMk3q5~nfQod5NpUXO1yuDb9v6ehGjx6S0VUe4H88B-klnrm-qMDE0iyOiJILGFqYuCR~eno7gCj7uxCePK0KtyyJzZZMHgAvTcBO-mpreQxkv-C51gHFqrl64Yf54dhfzZUOKDM~7oBJc8xWT9QElW6uOj8yktbyGzTVhDERm7hnO3620pQUfOpnwXeKVNSaG13U5T1dgfLc6bQnI52DTYtiY2-NhYunhdfHxZN9ulMSodgtKYRsY9fEpYqi3IaRCJTYWiZu8-TSLa5ZPHmmQig__
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753584f46703a628d123654f8374f810ec4eaff6f8474beafc1eadcea7a6f91b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
653
last-modified
Sun, 26 Sep 2021 11:51:45 GMT
server
AmazonS3
etag
"e0cae4d95f824a0d8a760ec95502e012"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://www.nst.com.my
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
mOWJD41H__DX-CQwQB9-Gb_QXrfyPmD3nB2VH_TKyouMVcaFFsPTlg==
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
last-modified
Tue, 26 Oct 2021 05:00:00 GMT
server
nginx/1.15.8
date
Tue, 26 Oct 2021 05:28:46 GMT
content-type
application/json
access-control-allow-origin
https://www.nst.com.my
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/ 		33 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&callback=_ate.cbs.rcb_drfj0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
d3cf33b63eb0628996513da291795b90a0d745055fe9d7b9a1ef7aeab0f82688
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
last-modified
Tue, 26 Oct 2021 05:28:46 GMT
server
nginx/1.15.8
date
Tue, 26 Oct 2021 05:28:46 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
shares.json
api-public.addthis.com/url/ 		33 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&callback=_ate.cbs.rcb_8d2q0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
0763dc88e8ecca9d2ed938724ed3214b08f4e257b549f3fe5940eb93dc210e82
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
last-modified
Tue, 26 Oct 2021 05:28:46 GMT
server
nginx/1.15.8
date
Tue, 26 Oct 2021 05:28:46 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
ads
securepubads.g.doubleclick.net/gampad/ 		970 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=2212151000562326&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=pwtsid_pubmatic%3D48e307ba411f6ce%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1635226126&dt=1635226126025&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3654439494&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
838a0754f89d844556ba3d4ea7e5886b48c9de9d796719e1a9f48575006a5ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
534
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2021102101.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021102101.js?cb=31063263
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
20de046ccbac77d387a0ae9aa99bf88971dda9c28b725ade7dc266011bafe92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13421
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 05:28:46 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHXukbZ-QMssgT0XLJzWUdbXe0h8CcCWKMevV8zcSShGwAIkwuK2hZTn6uK3-6ER3kotd3GtHBsq6dbyvbKWxpebsA2jkTTE_vttFy0EFVqRsrmelNQdTYIxpuPgeTfZSGH2GFlpu4x1x6D6WODkjlfwISsAEZcASacBqWidk8MK7vf3iKYD1uVO9OzXlNHb-Wfoo4auluaO-4TWFX9wGkl3W9BTggNAuDlFmwH7LnWI1p0HUDB4VGNvL9JlCTs588xd5nD50VF31TmFt-HOregJd6R8RPYvUoTNk3d90AdaI-l8jKmbMOeaEjczY0uBEuoncEzovJ8BOeu7-sRkneNQ&sig=Cg0ArKJSzCMIGQ8mhmE1EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 05:28:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 26 Oct 2021 05:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 05:27:35 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 05:21:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 05:28:46 GMT
2491568092358929240
tpc.googlesyndication.com/simgad/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2491568092358929240
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
56403487b9febac7f3d89dbf3ab8b6c89f1f6b608ebeb14fecf0ad756b9fe6d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:29:44 GMT
x-content-type-options
nosniff
age
428342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
95050
x-xss-protection
0
last-modified
Wed, 01 Apr 2020 09:28:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 06:29:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
27cf5ee5ae2f3f496bbdc1cda924a35eba5003163589044a7a6b6c56aa335d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8570
x-xss-protection
0
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=6c332515d61c5e67da75ccde4193d1d8_3508_1635226125296&tm=2021&eT=0&widgetWidth=0&widgetHeight=0&widgetX=0&widgetY=0&wRV=2000484&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=1196&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
X-TraceId
b80e3e63680b107aa5f42619b9033100
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		53 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 05:28:46 GMT
X-Proxy-Origin
216.131.114.217; 216.131.114.217; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c13e97bd-cec6-4d6e-8666-1158267b9890
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nst.com.my
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
622.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/622.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p02.id5-sync.com
Software
/
Resource Hash
6dc49e64c55df20931a1ffb638364e2efb42e65b692dd4aa5759c6868ae2294e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.nst.com.my
Date
Tue, 26 Oct 2021 05:28:40 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		154 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?fp=b4c56f95bac52e3b10afe9f58c865b97
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f6811758de71db83adc969de9f51a0b249b3a228e0ac701aca211802458c7d76

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache
x-server
10.45.20.211
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ 		109 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
b0e5f79c37d09a5c3207d815d266c8d85526e57546a73c0cbbcbdc2230190bcf

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 25 Nov 2021 05:28:46 GMT
1574304145947553
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1574304145947553?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
596d1162b5761bba0b28f0454e88472bd0a91664f00a84c5b89187934f94b758
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
svyCkrJ+n3cgHpbuN21atSUvr2rYvVeRlZ2KJr6vzP4kTbUfF1L/B50wcoqK38eSTInzqf2bnQipBPOwyndljA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 26 Oct 2021 05:28:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=283031649327915&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&rl=&if=false&ts=1635226126202&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.2.1635226125156.314776689&it=1635226124129&coo=false&rqm=GET
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 26 Oct 2021 05:28:46 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=2135858234528414&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_Island_Ad_400x200&enc_prev_ius=%2F0%2F1&prev_iu_szs=400x200%7C300x250&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong%26pwtsid_pubmatic%3D5083d1e709956c1%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie=ID%3D09b4fa402ea27937%3AT%3D1635226125%3AS%3DALNI_MZASOLitNw4ukMJAScH5flt9Xl8Ag&bc=31&abxe=1&lmt=1635226126&dt=1635226126215&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2628638369&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H92ExXKrK_S64bsIJw7E8usrni65RXuJPp0D0jZaaqWxAB81VSLudN7ZJflWN5TI9P4q-q67-4%2CAGkb-H9whM-plXrtQbEcSyC_pQWse3yQISkBkFrS6ptqbFX-HA2sSUUVU9YoMwQ8Zox4ajKTLYV426Y%2CAGkb-H8cSZl11uXbBhL_Yg-fibTQApad6K_KD6EbKXfPoH6Ia9x4UqrjlkpiTFWRx8T0PbUAJvhGQZU&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
86f10078e62c98e55ec569665babe860af9f50a4b4684a575a9bf97c91f70f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10548
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=2414103593951882&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2C970x250_NST&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong%26pwtsid_pubmatic%3D515fdfb2e6eef8c%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie=ID%3D09b4fa402ea27937%3AT%3D1635226125%3AS%3DALNI_MZASOLitNw4ukMJAScH5flt9Xl8Ag&bc=31&abxe=1&lmt=1635226126&dt=1635226126234&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=94056655&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H92ExXKrK_S64bsIJw7E8usrni65RXuJPp0D0jZaaqWxAB81VSLudN7ZJflWN5TI9P4q-q67-4%2CAGkb-H9whM-plXrtQbEcSyC_pQWse3yQISkBkFrS6ptqbFX-HA2sSUUVU9YoMwQ8Zox4ajKTLYV426Y%2CAGkb-H8cSZl11uXbBhL_Yg-fibTQApad6K_KD6EbKXfPoH6Ia9x4UqrjlkpiTFWRx8T0PbUAJvhGQZU&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
0f5fd8fd304c26e98b9ec45b747d9df6230423efbebefd6d6b7a30ea589a7677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17363
x-xss-protection
0
google-lineitem-id
5816919276
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368481999
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=3515408644296499&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong%26pwtsid_pubmatic%3D49d002adc133078%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie=ID%3D09b4fa402ea27937%3AT%3D1635226125%3AS%3DALNI_MZASOLitNw4ukMJAScH5flt9Xl8Ag&bc=31&abxe=1&lmt=1635226126&dt=1635226126260&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=755216543&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H92ExXKrK_S64bsIJw7E8usrni65RXuJPp0D0jZaaqWxAB81VSLudN7ZJflWN5TI9P4q-q67-4%2CAGkb-H9whM-plXrtQbEcSyC_pQWse3yQISkBkFrS6ptqbFX-HA2sSUUVU9YoMwQ8Zox4ajKTLYV426Y%2CAGkb-H8cSZl11uXbBhL_Yg-fibTQApad6K_KD6EbKXfPoH6Ia9x4UqrjlkpiTFWRx8T0PbUAJvhGQZU&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e2685129ff1375b236e63180357cc86e357c371851242a48de77c85571e83abe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8278
x-xss-protection
0
google-lineitem-id
5109042945
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138258811345
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 05:28:46 GMT
collect
f.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:46 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nst.com.my
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=1769961266626170&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_1x1_Programmatic&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie=ID%3Dc661d3eca26a20f8%3AT%3D1635226126%3AS%3DALNI_MZmxEmSCGqYmKcG6u95ABjqQcIsAQ&bc=31&abxe=1&lmt=1635226126&dt=1635226126543&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=1156111754&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H92ExXKrK_S64bsIJw7E8usrni65RXuJPp0D0jZaaqWxAB81VSLudN7ZJflWN5TI9P4q-q67-4%2CAGkb-H9whM-plXrtQbEcSyC_pQWse3yQISkBkFrS6ptqbFX-HA2sSUUVU9YoMwQ8Zox4ajKTLYV426Y%2CAGkb-H_B-k5pWppo9TCCYeV3agmfKv6K5GqUj-tbjXpV9VyBe2Mzjxre9ayE3osDoBWyoxOH_6U4rqQ%2CAGkb-H8cSZl11uXbBhL_Yg-fibTQApad6K_KD6EbKXfPoH6Ia9x4UqrjlkpiTFWRx8T0PbUAJvhGQZU%2CAGkb-H8wD6H5otBIVx79Pwcj_ZO1HnWYfSL-ND-l8TaMEiUg%2CAGkb-H9JvRBN9_9WkjHDvtqq9yYWUd51ZY7ZZNpJqx2XKPqpQr9TBXSeXRIaFuascudmnEWPZF4dPfM&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
be8bf5f51a87d5f3d8f069ce9add21558c07b363f25122d54c478fcdb69291cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7809
x-xss-protection
0
google-lineitem-id
5801574842
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138366085204
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=3113554762566150&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_pixel&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie=ID%3Dc661d3eca26a20f8%3AT%3D1635226126%3AS%3DALNI_MZmxEmSCGqYmKcG6u95ABjqQcIsAQ&bc=31&abxe=1&lmt=1635226126&dt=1635226126554&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=1753964729&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H92ExXKrK_S64bsIJw7E8usrni65RXuJPp0D0jZaaqWxAB81VSLudN7ZJflWN5TI9P4q-q67-4%2CAGkb-H9whM-plXrtQbEcSyC_pQWse3yQISkBkFrS6ptqbFX-HA2sSUUVU9YoMwQ8Zox4ajKTLYV426Y%2CAGkb-H_B-k5pWppo9TCCYeV3agmfKv6K5GqUj-tbjXpV9VyBe2Mzjxre9ayE3osDoBWyoxOH_6U4rqQ%2CAGkb-H8cSZl11uXbBhL_Yg-fibTQApad6K_KD6EbKXfPoH6Ia9x4UqrjlkpiTFWRx8T0PbUAJvhGQZU%2CAGkb-H8wD6H5otBIVx79Pwcj_ZO1HnWYfSL-ND-l8TaMEiUg%2CAGkb-H9JvRBN9_9WkjHDvtqq9yYWUd51ZY7ZZNpJqx2XKPqpQr9TBXSeXRIaFuascudmnEWPZF4dPfM&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
d4bddeadeda017ccd60ad04f29ae031af6bd78465ceea895cc988acff3330c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8118
x-xss-protection
0
google-lineitem-id
5204063485
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138324130233
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=542465142768040&correlator=2424962825677739&output=ldjh&impl=fifs&eid=31063136%2C31063263%2C31062524&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=1009103%2CNST_Multisize_HouseAds&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=site%3Dnst%26section%3Dworld%26pos%3Darticle%26key%3DUS%2CRussia%2Cit%2Capril%2CWashington%2Cespionage%2CMicrosoft%2C300%2CMoscow%2Chacking%2Chack%2CTom%2520Burt%2Cxnstp%2CDan%2520Ives%2CBurt%2CMSTIC%2CThreat%2520Intelligence%2520Center%2C000-strong&eri=1&cust_params=lotauds%3DDS_1070%252CDS_1196%252CDS_659%252CDS_1175%252CDS_1186%252CDS_757%252CDS_1596%252CDS_1327%252Cca_173%252CDS_664%252CDS_1199%252CDS_560%252Cca_012%252CDS_141%252CDS_1192%252CDS_1202%252CDS_1182%252CDS_1194%252CDS_644%252CDS_1209%252CDS_658%252CDS_1174%252Cca_020%252CDS_1177%252CDS_1173%252CDS_1620%252CDS_1610%252Cca_494%252Cca_016%252CDS_1076%252CDS_559%252CDS_1201%252CDS_1187%252CDS_1054%252CDS_150%252CDS_647%252CDS_526%252CDS_1303%252CDS_629%252CDS_1382%252Cca_019%252CDS_670%252CDS_1195%252CDS_530%252CDS_1396%252CDS_1176%252CDS_1325%252CDS_1389%252CDS_712%252CDS_750%252CDS_654%252CDS_1200%252CDS_1060%252CDS_1193%252CDS_168%252CDS_1307%252CDS_175%252CDS_633%252CDS_528%252CDS_1188%252CDS_574%252CDS_678%252CDS_1071%252CDS_1181%252CDS_1206%252CDS_657%252CDS_1184%252Cca_176%252CDS_639%252CDS_1180%252CDS_652%252CDS_638%252Cca_230%252CDS_640%252CDS_1311%252Cca_021%252CDS_1204%252CDS_558%252CDS_1314%252CDS_176%252CDS_665%252CDS_714%252Cca_171%252CDS_1171%252CDS_625%252CDS_696%252CDS_1189%252Cca_080%252CDS_1309%252CDS_756%252CDS_1621%252CDS_738%252Cca_102%252Cca_174%252Cca_177%252CDS_525%252CDS_1172%252Cca_022%252CDS_1601%252CDS_671%252CDS_167%252CDS_1388%252CDS_1198%252CDS_1207%252CDS_523%252CDS_653%252Cca_038%252CDS_645%252CDS_1385%252CDS_1219%252CDS_674%252CDS_650%252CDS_677%252CDS_641%252CDS_1191%252CDS_1208%252CDS_512%252CDS_646%252CDS_1078%252CDS_1190%252CDS_1395%252CDS_1383%252CDS_1604%252CDS_1081%252CDS_1205%252CDS_656%252CDS_675%252CDS_662%252CDS_1384%252CDS_553%252CDS_672%252CDS_1394%252Cca_036%252CDS_1324%252CDS_1051%252Call%252CDS_643%252CDS_1061%252CDS_1179%252CDS_1074%252CDS_1178%252CDS_1185%252CDS_679%252CDS_576%252CDS_166%252CDS_164%252CDS_1210%252CDS_177%252CDS_181%252CDS_1231%252CDS_1203%252CDS_1197%26inskin_desktop_yes%3Dtrue&cookie=ID%3Dc661d3eca26a20f8%3AT%3D1635226126%3AS%3DALNI_MZmxEmSCGqYmKcG6u95ABjqQcIsAQ&bc=31&abxe=1&lmt=1635226126&dt=1635226126572&dlt=1635226123263&idt=1342&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=955972911&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H92ExXKrK_S64bsIJw7E8usrni65RXuJPp0D0jZaaqWxAB81VSLudN7ZJflWN5TI9P4q-q67-4%2CAGkb-H9whM-plXrtQbEcSyC_pQWse3yQISkBkFrS6ptqbFX-HA2sSUUVU9YoMwQ8Zox4ajKTLYV426Y%2CAGkb-H_B-k5pWppo9TCCYeV3agmfKv6K5GqUj-tbjXpV9VyBe2Mzjxre9ayE3osDoBWyoxOH_6U4rqQ%2CAGkb-H8cSZl11uXbBhL_Yg-fibTQApad6K_KD6EbKXfPoH6Ia9x4UqrjlkpiTFWRx8T0PbUAJvhGQZU%2CAGkb-H8wD6H5otBIVx79Pwcj_ZO1HnWYfSL-ND-l8TaMEiUg%2CAGkb-H9JvRBN9_9WkjHDvtqq9yYWUd51ZY7ZZNpJqx2XKPqpQr9TBXSeXRIaFuascudmnEWPZF4dPfM&ga_vid=2023701743.1635226124&ga_sid=1635226125&ga_hid=629848678&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
78f5b4df79e3334e6dd8aef82ee49878f8e119d628a8e402d606c3f34bc07bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17414
x-xss-protection
0
google-lineitem-id
5816919276
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368481996
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3cdcf42b1f1e15473b86288efdbb013bb30bb6f00a72a8f0a6b3ee74da722f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7H54dR6lI1UgFdgE-CUc6uyJeU7gnMnBHJP-s83fj9DD_g6HEp0cs7nHHeL2KNuaeBXc3rOZe_F6GcBHC2kdzWFlCCb9d1s8xkQ899rQDseAiYT8kngtoqxp3XZRQAC-lVbok50lMzDlRexDd4DBydl_o1ZTVgaJvsyi_CTRx87P4-ddXOiusSrEfkCSgn5XlZxobCY83oPmHpvAA89GIkrIuxch9XFttH4vn4BKOlTAk6jn8CQnP447kR7iq7jcxuuXUWgJR3vz8D8bE_Cv9UNe8keEGTnD22Qlm2Ete-wN8kQEtlz8&sig=Cg0ArKJSzIjSEwpo1nUQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 05:28:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 26 Oct 2021 05:28:46 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9438.64QX4h12bhtW1zd124BXTp_OkAEpPJoWHWYX_gtncGCHn0PSmLhKOdgDw-UvinzT.mTrLWkwjdRXH4VZCLsTB__suwXg%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9438.1p7dk8evvmNFL6BE0ybIhAgQbZgna6t6IsOaZXBTGZwx1XYN6qLLK7ty7NIaO4WBzvWG_yIk2HlIIRSi5kcouYx4przHwsLsW5J6E5zflOs%2C.YSo252YCPVbF6U2FnlR816TvMH...
43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9438.1p7dk8evvmNFL6BE0ybIhAgQbZgna6t6IsOaZXBTGZwx1XYN6qLLK7ty7NIaO4WBzvWG_yIk2HlIIRSi5kcouYx4przHwsLsW5J6E5zflOs%2C.YSo252YCPVbF6U2FnlR816TvMHw%2C
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.5.244.199 Helsinki, Finland, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9438.1p7dk8evvmNFL6BE0ybIhAgQbZgna6t6IsOaZXBTGZwx1XYN6qLLK7ty7NIaO4WBzvWG_yIk2HlIIRSi5kcouYx4przHwsLsW5J6E5zflOs%2C.YSo252YCPVbF6U2FnlR816TvMHw%2C
date
Tue, 26 Oct 2021 05:28:47 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.ru/watch/49007009/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fwww.nst.com.my%2FpageLoad&page-ref=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A1%3Als%3A294707275812%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052846%3Aet%3A1635226127%3Ac%3A1%3Arn%3A331434706%3Arqn%3A2%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1635226122394%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635226127%3At%3A&t=gdpr(14)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
last-modified
Tue, 26-Oct-2021 05:28:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.nst.com.my
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 26-Oct-2021 05:28:46 GMT
1
mc.yandex.ru/watch/49007009/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Fwww.nst.com.my%2FplayerViewable&page-ref=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A9ezyyr48ospah85ar%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A1%3Als%3A294707275812%3Ahid%3A253787053%3Az%3A0%3Ai%3A202101026052846%3Aet%3A1635226127%3Ac%3A1%3Arn%3A465078464%3Arqn%3A3%3Au%3A1635226126732349688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1635226122394%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635226127%3At%3A&t=gdpr(14)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:46 GMT
last-modified
Tue, 26-Oct-2021 05:28:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.nst.com.my
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 26-Oct-2021 05:28:46 GMT
vodus-main.js
api.vodus.com/cc/scripts/ 		421 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/cc/scripts/vodus-main.js?buildId=202110171449
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/cc/scripts/vodus-mp.js?v=1635226125764
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
182e92b39b0565d8412432f2f318d51e68b1c0c879fc9edac0527285bbb743bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 09:10:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d7c65b7fdfe04f"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1574304145947553&ev=PageView&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&rl=&if=false&ts=1635226126708&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.2.1635226125156.314776689&it=1635226124129&coo=false&rqm=GET
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 26 Oct 2021 05:28:46 GMT
/
www.facebook.com/tr/ Frame 8130 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3415
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.nst.com.my
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.nst.com.my
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.nst.com.my
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Tue, 26 Oct 2021 05:28:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 647A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 25 Oct 2021 17:55:00 GMT
expires
Tue, 25 Oct 2022 17:55:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
41627
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 213A 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
c7c5d2ff8388dfe32e17e61da3d010954a90f56f52e088e169be8d98286d3099
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/mFsvlZ6JRJTC4vZKpxSNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 05:28:47 GMT
date
Tue, 26 Oct 2021 05:28:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-/mFsvlZ6JRJTC4vZKpxSNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
3001495-1782838-240-180.m3u8
3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/ 		488 B
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/3001495-1782838-240-180.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96ce69a7e6d839f6895f9f03a2abc47740148cf71912e11fa386ddd86cb39d32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:48 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
488
last-modified
Sun, 26 Sep 2021 11:51:45 GMT
server
AmazonS3
etag
"701229cef64231638cba0c78f6920c12"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://www.nst.com.my
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
kDLuvmafjye3g0OMj6L50mdbtfxWc4xW46WNbNsxC9BPOpmsc3wJ5w==
sodar
pagead2.googlesyndication.com/pagead/ Frame 213A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102101&jk=542465142768040&rc=
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 647A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:55:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
37989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 25 Oct 2022 18:55:38 GMT
fp.min.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/cc/scripts/vodus-main.js?buildId=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31302
x-jsd-version
3.3.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19176-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7bda-6e3Kg5ngt2AnGXK7N79XP7Iku90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a4148809ec24113-PRG
wl
t.pubmatic.com/ 		17 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nst.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		0
0
vodus-common.js
voduscdn.azureedge.net/cc/scripts/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voduscdn.azureedge.net/cc/scripts/vodus-common.js?build=202110171449
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/cc/scripts/vodus-main.js?buildId=202110171449
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
781f42373d0f68c4c15dcc3aa3c4469523de3d54198a6e0997edaa8ebfe0d7d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
gzip
etag
"1d75b7688cb6cb1"
last-modified
Mon, 07 Jun 2021 08:24:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0D5J3YQAAAAA1OVbON3QqSaQGeIjJJ2YXUFJHMDFFREdFMDcxNgBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
x-azure-ref-originshield
0tn12YQAAAAB8kNougrmWS4cNSQw0GyW0TE9OMjFFREdFMDIwOQBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
accept-ranges
bytes
content-length
6658
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t1IvRHYRs9Z%2B%2FXihc3h%2Bssn9PNO1lmYC1qDPicfdPKxDSHPLcVCavH0jDbd9FrjG%2FpsOzjne6UuDPMLAgrZX8pnJdYc9g9cG8cOugD9JLXd%2Fuq2ujw42J2E1qh4xszis3VM0Y2%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4148810d954138-PRG
expires
Sun, 16 Oct 2022 05:28:47 GMT
bootstrap-vodus.css
voduscdn.azureedge.net/cc/scripts/plugins/bootstrap-vodus/css/ 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://voduscdn.azureedge.net/cc/scripts/plugins/bootstrap-vodus/css/bootstrap-vodus.css?build=202110171449
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49505b85b3f6577dcbcbcdb4f40056a81b655d416c868d44d36737838c87af33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
gzip
etag
"1d6f0162e40061e"
last-modified
Thu, 21 Jan 2021 16:55:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0D5J3YQAAAADn8EdPNkmCQYAgvEKfWFPsUFJHMDFFREdFMDcxNgBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
x-azure-ref-originshield
0Rjp2YQAAAABOhbIqBfnlQYjDCOEWWiQlTE9OMjFFREdFMTUyMgBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
accept-ranges
bytes
tingle.css
voduscdn.azureedge.net/cc/scripts/plugins/tingle/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://voduscdn.azureedge.net/cc/scripts/plugins/tingle/tingle.css?build=202110171449
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef00fbcaac23ad8aa2a6c230d1ffccb345dcb62885bc2660bf4159fcf0cf9721

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
gzip
etag
"1d6f0162eda0c28"
last-modified
Thu, 21 Jan 2021 16:55:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
TCP_REMOTE_HIT
content-type
text/css
x-azure-ref
0D5J3YQAAAACaI6efmTBZTrsRZUNdVkYNUFJHMDFFREdFMDcxNgBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
x-azure-ref-originshield
0D5J3YQAAAAA0CVIpzhehS5/AmYwx2Mg3TE9OMjFFREdFMTUwNwBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
accept-ranges
bytes
content-length
1710
survey.css
voduscdn.azureedge.net/cc/css/creator/ 		88 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
38a25ba1c3d266a3326449ea62d90174a54fcadcb6823e6a863a8339f187adc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
gzip
etag
"1d7c0b53fa230b7"
last-modified
Thu, 14 Oct 2021 04:37:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0D5J3YQAAAACwyY/cnoWFTqHopho/HPY7UFJHMDFFREdFMDcxNgBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
x-azure-ref-originshield
0JFp2YQAAAACiDqUrCMZZQ53AWPJnQyYRTE9OMjFFREdFMDIxMgBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
accept-ranges
bytes
toastr.min.css
voduscdn.azureedge.net/cc/scripts/plugins/toastr/ 		7 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://voduscdn.azureedge.net/cc/scripts/plugins/toastr/toastr.min.css?build=202110171449
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a461c27035a07006accddf473b2e3fd2430c1db950baae35b8ff5048e1ff8103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
gzip
etag
"1d6f0162eda040a"
last-modified
Thu, 21 Jan 2021 16:55:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0D5J3YQAAAAD5ywX24NeBTaVXgWnFMV+VUFJHMDFFREdFMDcxNgBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
x-azure-ref-originshield
0eWZ2YQAAAACKMVdmOhHtTbou/LaRg2MLTE9OMjFFREdFMDIwOQBiODRmYjVkZi02MGExLTQyZWQtOTlhNS05ZWRmMjY2NTQ0ZmM=
accept-ranges
bytes
content-length
3729
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
472608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1885
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-15a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft3a13byBCfA4N4aGhREjX1woFC7DDg%2Bzx1oV6QVqsZUw7UUZKC1shvDqPagAc%2BhD50RVpcHg8i6YOckJYRPqjyy9CirYykQOFjZQqkGZ2OXzl613gF%2FW6%2F7y7ThTo6NvDUmvh6r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4148810d944138-PRG
expires
Sun, 16 Oct 2022 05:28:47 GMT
tingle.min.js
cdnjs.cloudflare.com/ajax/libs/tingle/0.13.2/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tingle/0.13.2/tingle.min.js
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23a4e032b9b1dc7ed992b680df42bcc5ae15bf7e8573a6ff2cc694235adcd38
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2618809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1561
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-1bfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xVW%2FocO66LPJhgjxlH5Gqt05kTTU1M4Q2cfMEmbVUvdwBDjcEphNoe0fS8ImswRxDxOHVvMB2mTjsnRTs6eZ1D%2F%2Bqjr9nfRooOpWT9sTo1AAc50zUWijsQkvSt0csOJgo8%2FnhER"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4148810d994138-PRG
expires
Sun, 16 Oct 2022 05:28:47 GMT
i18next.min.js
cdnjs.cloudflare.com/ajax/libs/i18next/8.4.3/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/i18next/8.4.3/i18next.min.js
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d659b0ebd2557d1e35fba8bf8fcd3aedc04ff08d2d737e38633548180f35df4e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
471875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9349
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-8fd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEPIMdpl0A%2BVxuoWM3%2FXtaO7NAzZXawGrKNYE%2FhssMDufY8Qw%2BPCJcifV9dW37Z5Xc2ANG5M1tjMmSmlsL6b9ybaJzseph4mlXpmdmirctRcp6we%2BnXuGig9WvhoE3hao2a6vYNk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4148810d964138-PRG
expires
Sun, 16 Oct 2022 05:28:47 GMT
jquery-i18next.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-i18next/1.2.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-i18next/1.2.0/jquery-i18next.min.js
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37a6f5b4a9288dad70a0cabf87c08989b4042bc6ca7fa3b1fef3f6ab4cc509a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2718318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
770
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14Hy0W%2FBnSxHUhhxcITplJquwQ2a1Vpi%2B4aL%2FKrYUzg6Tx3a4V3Qt25RmsKqheWoSOvOKKkTEHYnIHlBUKI0ad55lMP5FnqsPgwVOkWZ%2B87CLDGzpQt2gUYxOeGocQv1YAQlhNqc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4148810d9b4138-PRG
expires
Sun, 16 Oct 2022 05:28:47 GMT
thirdparty-cookie-check-start.html
api.vodus.com/ Frame 0659 		177 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/thirdparty-cookie-check-start.html
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
255dc1412e7a81505c786c462f6c6f795092d6a98a707b04aca457749e28ee92

Request headers

:method
GET
:authority
api.vodus.com
:scheme
https
:path
/thirdparty-cookie-check-start.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

content-length
231
content-type
text/html
content-encoding
gzip
last-modified
Fri, 22 Jan 2021 03:54:31 GMT
accept-ranges
bytes
etag
"1d6f07249da7531"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Tue, 26 Oct 2021 05:28:47 GMT
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/cc/scripts/vodus-main.js?buildId=202110171449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
etag
W/"57d97c08-3dee4"
vary
Accept-Encoding
x-hw
1635226127.dop216.fr8.t,1635226127.cds246.fr8.hn,1635226127.cds151.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67751
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
ESF /
Resource Hash
e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QPoSCTdivxhxPLzWnndgBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"b25f111da50a2c91d2f1bce5d2447ba4"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-QPoSCTdivxhxPLzWnndgBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Tue, 26 Oct 2021 05:28:47 GMT
jquery.ui.touch-punch.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/cc/scripts/vodus-main.js?buildId=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3659607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
493
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-50b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5Jf%2BN5vP7TO5hMSYPtaIrpVTnf3ZJT9KgZkPK3oznwmMFAh%2BY0cSsxM65Tu7nVG456vGW08uhZF8S%2BgL0zs%2Bja0XzVoBrHVHaDIk0AyQFWaKMeUBZKEoaCAXLbK7il%2FfQjg6H4J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a414881be684138-PRG
expires
Sun, 16 Oct 2022 05:28:47 GMT
css
fonts.googleapis.com/ 		1 KB
430 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis:400
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:15:14 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		382 B
309 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif:700
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
b5e7e9e27e469ad93a5ae8b4dbc4f87e3e9cc41815d8564d123e13eb007f17c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:16:05 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		1 KB
476 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inconsolata:700
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
c8139748fb3309fcea3646bde94855641e2e422552f67013142ae92a8a113aa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:54:27 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:700
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
d4cbc8dfae5d75eaf03110760378ed5c27145748e09057a0a3346bf9360de912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:28:47 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:700
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
a3b7eaa94adc989307a86839dd51e44b4d2beb5476ab52594a813f25820369e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:05:18 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		677 B
361 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oxygen:400
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
854eeab54c92762230493a02ad6c7227d0ae34a0605605b5fd5f668f0310d241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:28:47 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:12:24 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		3 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:24:49 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		664 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:24:52 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 03:50:22 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:07:41 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
522 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:700
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
1d05b65fe018b033643449c09121df2d26dd5ea4bf41dc5ce69a065ee5487974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:17:59 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
504 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Pangolin
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
2d7dd7f017c48a5382f703aaf0bfa16716d3191ec4f70b32f41eb6e7d4f72ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:28:47 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		2 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 03:57:59 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		1 KB
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
9d83121a5242fd08642d5791a2c7536b9f20291498977184992a6a1db5808f05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:25:34 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		722 B
380 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:41:01 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		1 KB
470 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
1433a1588f74d9dd724983361df4defe48901f200c54e7cdcd64fe9cf06fd433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:06:22 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		381 B
308 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Indie+Flower
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
3ba204eb6b5ddfd1793407cdd021c7c3f02b0a6d07ea711283a502f3b594e448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:22:58 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
css
fonts.googleapis.com/ 		1 KB
433 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: voduscdn.azureedge.net
URL: https://voduscdn.azureedge.net/cc/css/creator/survey.css?build=202110171449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://voduscdn.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:21:25 GMT
server
ESF
date
Tue, 26 Oct 2021 05:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 05:28:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102101&jk=542465142768040&bg=!CgmlCU3NAAbUs_yW1LM7ACkAdvg8WrrDSKsBbhYd4p6Hf8zciWh5Ntkoi0AfqvmGUz1GsnonE7TPVAIAAAG0UgAAABhoAQcKAEoo-pyGiJS8S5His2zb4L_Ew_LmwAkIoQy1WcB9QfSceEy4btrY47Bdu1PZcAxeGNerflahVh0zEFquMo7oAzr-1DGf6lU1B6bcBZkCtyi0nKWFtKlyhAai9AoRx7SAic5h26nVAfI4lv9S2amtYSzV7rO5RA0CkUXempTWHTVA3T80bj9gyDlq1YmL4TaSbaTPsoxXUIijtqDQ7EUVKfrJx06_UVayc6_snVTGnDwTKhmkiqupi14G8pxrFeyRTJf82-fpVe7hsfr-J3ttr0qk-4dGtTycO3qIEYsoTNc89C9rWtRCBuew48usOAt9Gd_-FTlzRbZxL2hxP8UaVk0uy2REzKSjJ23SYRcpyaHSmBybuCTqrhpLHf1RRiZ4O4MflVal8WpypVmREhwYiHw_pKBfFapP7dJehBEFQr3REh-KUOCAzqz9NXpaGWkuC05we0LvjJ4D6O11dlptT3HZVk-rlFTC0CiGBdl3u_dtckIZJpK_QnTCgqrGB5Szx-sYpYGRSWFeh9MxCLa6SAgmH_8nHTyHhinwbsdMnrz9y7e3PZCGYyWLgm-EozFgCtLj9GdRHa5XzFYuEJqS4pm8PYrPHKhGGYos7bCxi86VxH1U6h-r8jtxsuZY1heU9X3dhR4mpwDtVVyrK6IvM-NE8WddXGntzlBBwG8UlHjF8kXmyrK0ilFWxe3dFYPDsgyixWwJCCRv3z4Zcdcjv_Tx-wBa8o7nyaWxZCEYVXuwjO9DJo7m38qpkMPwcqdJuUmCyK2cIRTU8qpZAn5p25jrQGnnfZwE7tdWz4lAZT5mAwGvjF9Sv3ZRdCwcoMp0Qr99Jdv-zMMtpkZXwYqBoB5I_VkwT9dMoQL-Vd8Cfk1J_87spKrB8_-QsIAhAwV37IESuh5BAyuB2Pk2q2R7X1ocF88abP0izoyzX3dxZE65WvdH_VSGNZ8_EdYXhe74PCJh7CDSCCp4xAwr2oK2e29VDW9Js48URqsyV3tiYytOJWaQe-BY30qINXpg29hy7nYwEW4d
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
thirdparty-cookie-check-complete.html
api.vodus.com/ Frame 0659 		282 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/thirdparty-cookie-check-complete.html
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/thirdparty-cookie-check-start.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d224bf6607246117f6fb37fcf1f83f1c1d14d5c99d46d8aed600f85ea1447f44

Request headers

:method
GET
:authority
api.vodus.com
:scheme
https
:path
/thirdparty-cookie-check-complete.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://api.vodus.com/thirdparty-cookie-check-start.html
accept-encoding
gzip, deflate, br
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://api.vodus.com/thirdparty-cookie-check-start.html

Response headers

content-length
261
content-type
text/html
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:55:12 GMT
accept-ranges
bytes
etag
"1d6f0162eda191a"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Tue, 26 Oct 2021 05:28:47 GMT
3001495-1782838-240-180-0000.ts
3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/ 		116 KB
116 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/3001495-1782838-240-180-0000.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e2fccb877b1db9c1178c0d4b8b576658a91f8e2572620b6a173c5d59a2a3f60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:49 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
118440
last-modified
Sun, 26 Sep 2021 11:51:45 GMT
server
AmazonS3
etag
"15adde541ab1826a2f7286ce80f0c33c"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://www.nst.com.my
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
eeAGD6bPYEshHHQFHJ2aFY2R5TTOopJL9cwjVWqO6aB5NMItaB2s4Q==
af318a0d-d6cb-4c2b-bd17-3bdc394bd708
https://www.nst.com.my/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nst.com.my/af318a0d-d6cb-4c2b-bd17-3bdc394bd708
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaQGbE7cQAmjMrPbEOkNXT4k_ZQRbSWQ6acONn-ViE8HE-LYzNa2NN9TXP1E-DQDoAyRKoh1eBQDXBA6QtizUyIfcWdWsfdDJ_iwwXMpE6cLcvMJHb&sig=Cg0ArKJSzC7yJmWPJiggEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=473888136&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635226122394&rpt=4256&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 05:28:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
serverless
api.vodus.com/v1/token/ Frame 0346 		2 KB
945 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/v1/token/serverless?partnerCode=
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25e89d49cf99e6300d198a012894ffe80b242bf217b9681bb25b715c72b97641

Request headers

:method
GET
:authority
api.vodus.com
:scheme
https
:path
/v1/token/serverless?partnerCode=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

content-length
887
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Tue, 26 Oct 2021 05:28:47 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=283031649327915&ev=Microdata&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&rl=&if=false&ts=1635226127799&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.2.1635226125156.314776689&it=1635226124129&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.nst.com.my
URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 26 Oct 2021 05:28:48 GMT
check
vodus-api-serverless.azurewebsites.net/api/token/ Frame 0346 		198 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vodus-api-serverless.azurewebsites.net/api/token/check
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/v1/token/serverless?partnerCode=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88e8afcece48b20f360bd0ea0d5503d2787970fe83f09ea92b374b06d363533d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.vodus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Oct 2021 05:28:48 GMT
Content-Encoding
gzip
Content-Length
336
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1574304145947553&ev=Microdata&dl=https%3A%2F%2Fwww.nst.com.my%2Fworld%2Fworld%2F2021%2F10%2F739628%2Frussian-hackers-behind-fresh-us-cyberattack-microsoft&rl=&if=false&ts=1635226128225&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.2.1635226125156.314776689&it=1635226124129&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 26 Oct 2021 05:28:48 GMT
3001495-1782838-240-180-0001.ts
3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/3001495-1782838-240-180-0001.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9536bbef911d2487ce7c66e1dd1be85105e1edace8b00daadcd6eddaa9431018

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:50 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
116936
last-modified
Sun, 26 Sep 2021 11:51:45 GMT
server
AmazonS3
etag
"9432ec5393ceb1a6218c539421fc4410"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://www.nst.com.my
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
wr8PjMdR0aATpmgJ2zjKaWm0DNbdsH85r5q5qTcqVVjaCsT2LQcZOw==
getCCParameter
vodus-api-serverless.azurewebsites.net/api/ 		689 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vodus-api-serverless.azurewebsites.net/api/getCCParameter
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
359f5ba822b2b6605fe5f4f38d2fbab678e12b742a43419536dcf418406f1e93

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Oct 2021 05:28:49 GMT
Content-Encoding
gzip
Content-Length
577
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
resync
vodus-api-serverless.azurewebsites.net/api/token/ 		198 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vodus-api-serverless.azurewebsites.net/api/token/resync
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88e8afcece48b20f360bd0ea0d5503d2787970fe83f09ea92b374b06d363533d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Oct 2021 05:28:49 GMT
Content-Encoding
gzip
Content-Length
336
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cookie set create-temporary-points
vodus.my//token/ Frame C42C 		0
655 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vodus.my//token/create-temporary-points?token=eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.76.245.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Host
vodus.my
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nst.com.my/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
Vodus.Token=eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9; expires=Fri, 24 Oct 2031 05:28:50 GMT; domain=.vodus.com; path=/; secure; samesite=none
Strict-Transport-Security
max-age=2592000
X-Powered-By
ASP.NET
Date
Tue, 26 Oct 2021 05:28:49 GMT
sync
api.vodus.com//v1/token/ Frame C30E 		2 KB
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com//v1/token/sync?token=eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
Requested by
Host: assets.nst.com.my
URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
17ca0c3d686759045c7ee0a22cf8510fe4e2178a9ed8b72e894e01dd19f6177f

Request headers

:method
GET
:authority
api.vodus.com
:scheme
https
:path
//v1/token/sync?token=eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nst.com.my/
accept-encoding
gzip, deflate, br
cookie
thirdparty=yes; Vodus.Token=eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/

Response headers

content-length
803
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Tue, 26 Oct 2021 05:28:49 GMT
collect
f.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.nst.com.my/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.nst.com.my
date
Tue, 26 Oct 2021 05:28:49 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
3001495-1782838-240-180-0002.ts
3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/ 		117 KB
118 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/3001495-1782838-240-180-0002.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67078959ea97bf1c45d7fdee4667409bef9e877c9305d0961daffbc1bf4fc2fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:51 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
119756
last-modified
Sun, 26 Sep 2021 11:51:45 GMT
server
AmazonS3
etag
"1b5d9c246a052f7df2bdc59588074f22"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://www.nst.com.my
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
5lQAz5NENV0u2tGyZ9oOE8SGXJNAveMRvrHvVw90JzR8W99peAm0Dg==
3001495-1782838-240-180-0003.ts
3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/ 		118 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/3001495-1782838-240-180-0003.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2631ed02ef233f24053282523599cf99516637ce3eed1e685061b45e1fda662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nst.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 05:28:52 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
120884
last-modified
Sun, 26 Sep 2021 11:51:45 GMT
server
AmazonS3
etag
"27ea1a18e69409b89b05fef46d550d24"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://www.nst.com.my
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
NqH8UeXxw-o0w8Eeki3WUqv0Qdj_ZOrTPRaD8WgTNSgemvViRHBhRA==
3001495-1782838-240-180-0004.ts
3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
mpdrec.nstp.com.my
URL
https://mpdrec.nstp.com.my/articles/2023701743.1635226124
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Domain
t.pubmatic.com
URL
https://t.pubmatic.com/wl?pubid=121793
Domain
3001496-new-straits-times.cf.ivideosmart.com
URL
https://3001496-new-straits-times.cf.ivideosmart.com/3001495/1782838/3001495-1782838-240-180-0004.ts

Verdicts & Comments Add Verdict or Comment

421 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster object| __cfQR object| __cfBeacon string| dfpSection string| dfpPos object| PWT object| googletag number| adslots object| dataLayer object| lotame_7270 function| lotameIsCompatible function| lt7270_ba function| lt7270_b undefined| lt7270_c undefined| lt7270_ca undefined| lt7270_d function| lt7270_e function| lt7270_da function| lt7270_ea object| lt7270_fa object| lt7270_ object| lt7270_2 function| lt7270_aa function| lt7270_a function| lt7270_f function| lt7270_g function| lt7270_h function| lt7270_i function| lt7270_j function| lt7270_k function| lt7270_m function| lt7270_ga function| lt7270_l function| lt7270_n function| lt7270_o function| lt7270_p function| lt7270_q function| lt7270_r function| lt7270_s function| lt7270_t function| lt7270_u function| lt7270_v function| lt7270_ha function| lt7270_ia function| lt7270_x function| lt7270_ja function| lt7270_y function| lt7270_z function| lt7270_A function| lt7270_w function| lt7270_B function| lt7270_C function| lt7270_D function| lt7270_E function| lt7270_F function| lt7270_G function| lt7270_H function| lt7270_I function| lt7270_J function| lt7270_K function| lt7270_L function| lt7270_N function| lt7270_O function| lt7270_P function| lt7270_M function| lt7270_ka function| lt7270_la function| lt7270_R function| lt7270_Q function| lt7270_S function| lt7270_T function| lt7270_U function| lt7270_V function| lt7270_ma function| lt7270_na function| lt7270_oa function| lt7270_ra function| lt7270_W function| lt7270_pa function| lt7270_qa function| lt7270_sa function| lt7270_ua function| lt7270_ta function| lt7270_X function| lt7270_va function| lt7270_wa function| lt7270_xa function| lt7270_ya function| lt7270_za function| lt7270_Aa function| lt7270_Ba function| lt7270_Ca function| lt7270_Da function| lt7270_Ea function| lt7270_Fa function| lt7270_Ga function| lt7270_Y function| lt7270_Z function| lt7270_Ha function| lt7270_Ja function| lt7270_Ia function| lt7270__ function| lt7270_Ka function| lt7270_La function| lt7270_Ma function| lt7270_Na function| lt7270_Oa function| lt7270_Pa function| lt7270_Qa function| lt7270_Ra function| lt7270_0 function| lt7270_1 function| lt7270_Sa function| lt7270_Ta function| lt7270_Ua function| lt7270_Va function| lt7270_Wa function| lt7270_Xa function| lt7270_Ya function| lt7270_Za function| lt7270__a function| lt7270_3 function| lt7270_4 function| lt7270_2a function| lt7270_3a function| lt7270_1a function| lt7270_0a function| lt7270_5a function| lt7270_4a function| lt7270_7a function| lt7270_6a function| lt7270_5 function| lt7270_8a function| lt7270_9a function| lt7270_$a function| lt7270_ab function| lt7270_bb function| lt7270_db function| lt7270_gb function| lt7270_fb function| lt7270_cb function| lt7270_ib function| lt7270_eb function| lt7270_hb function| lt7270_kb function| lt7270_jb function| lt7270_lb function| lt7270_6 function| lt7270_mb function| lt7270_nb function| lt7270_ob function| lt7270_7 function| lt7270_pb function| lt7270_qb function| lt7270_rb function| lt7270_sb function| lt7270_tb function| lt7270_8 function| lt7270_ub function| lt7270_vb function| lt7270_wb function| lt7270_xb function| lt7270_yb function| lt7270_$ function| lt7270_zb function| lt7270_Ab function| lt7270_9 object| regeneratorRuntime function| setImmediate function| clearImmediate function| _ function| Popper function| jQuery function| $ function| axios function| Vue object| google_tag_manager function| postscribe object| google_tag_manager_external function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| google_tag_data string| GoogleAnalyticsObject function| ga object| _sf_async_config object| _comscore function| getCookie function| timeBucket function| getAdblockExists function| adBlockChecker function| wordCount function| page404 function| getArticleId function| getArticleTitle function| getAuthor function| getPublicationDate function| getPublicationTime function| getCategory function| articleView function| getPageType function| pageType function| setupNewPlayer function| getFotoCaption function| getPhotographer function| photoView function| gtmImageView function| content_impressions function| socialShare function| fbq function| _fbq function| clarity function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| udm_ object| ns_p object| COMSCORE object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| _cb_shared object| _cbv object| CollapsibleMenu boolean| __cfRLUnblockHandlers object| addthis_config object| addthis_share function| fireYTPlayer undefined| googleTagManager string| adId boolean| __@@##MUH function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| __ctcg_65349_0_exec object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies function| onYouTubeIframeAPIReady object| webpackChunkplayersdk_html5 object| IVS function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| google_reactive_ads_global_state object| _cbm object| google_noFurtherRedirects string| __INSIDER_SCRIPT_VERSION_newstraitstimesmalaysia__ object| msgData function| pm function| sQuery object| spApi object| Insider object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| bugsnag function| initMoatTracking object| ivsAdsClientJSBlob function| ivsVideoPbjsChunk object| ivsVideoPbjs function| HBEnrichedAdCallsSchedulerObjCreate function| HBEnrichedAdCallsCoreObjCreate object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| vttjs function| WebVTT object| Ya function| Hls object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google string| ccParameters string| partnerData string| mpAdId number| isMobile object| adDiv object| parentIframe object| vodusBanner object| vodusScript1 object| vodusScript2 function| yourFunctionToCall function| showResult string| VodusObject object| vodus object| closure_lm_401883 boolean| _firstAdRequestFired object| _ads_settings object| _hbparams function| fcnEarlyAdFoundAdviseHoldTimeCB_ string| jscVersion object| google_casm function| su object| dicnf object| viewReq function| vu function| init_ssb function| accbk function| xy function| ss function| st function| ha function| ia function| ja object| GoogleGcLKhOms function| tns function| buildAttribution object| google_logging_queue undefined| goog_delegate_deferred_token number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ string| vodusBuild object| closure_lm_635930 object| HSBigObj string| mainpart object| window_focus_for_click object| GlobalParameter function| extractHostname function| repositionMobileImage function| resizeMobileImage function| VodusRewardClickToClose function| closeAllVodusModal function| BackButtonClick function| addLogoutEvent function| addShowLoginModalEvent function| addShowSignupModalEvent function| addShowAboutUsModalEvent function| scrollToBannerDiv function| addShowGetQuestionModal function| reinitModalEvent function| getQuestionHandler function| getSignupLoginButtonHandler function| type2Close undefined| globalGoogleUser undefined| auth2 function| onSuccess function| onFailure function| initGoogleLogin function| signinChanged function| userChanged function| scrollFunction function| NoCCCheckIsSurveyFallbackScript function| ResponseCloseCheckIsSurveyFallbackScript function| updateRecoRewardImpression function| logDelay function| getBrowser function| vodusInit object| FingerprintJS object| tingle object| toastr object| jqueryI18next object| i18next object| gapi object| ___jsl function| resizeMobileFontSize_Preview function| makeMCQAnswersSortable function| makeRankingAnswerSortable function| getRandomInt function| updateRankingAnswerOrderNumber function| enableSubmitButtonRanking function| displayPlaceholderContent function| initMcqOpenEndedAnswer function| getCurrentQuestionTier function| resetFakePassAndFailAnswer object| google_image_requests number| el

77 Cookies

Domain/Path Name / Value
www.nst.com.my/world/world/2021/10/739628 Name: enableAds
Value: no
.nst.com.my/ Name: lotame_domain_check
Value: nst.com.my
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_domain
Value: .cc.nst.com.my
.crwdcntrl.net/ Name: _cc_id
Value: b4c56f95bac52e3b10afe9f58c865b97
.nst.com.my/ Name: _cc_id
Value: b4c56f95bac52e3b10afe9f58c865b97
.nst.com.my/ Name: _cc_cc
Value: ACZ4XmNQSDJJNjVLszRNSkw2NUo1TjI0SExLtUwztUi2MDNNsjRnAILE8kncIBoCeI5vmsLC%2BMyC4T8jI8PHz5Yw5vI%2FhTDm8aOHmGHsS6cescHYu%2FddFoCxPzTch7MPL54DN3H6CXWYkndLEMJrNjzlholP%2FDhBG8YGACWSPms%3D
.nst.com.my/ Name: _cc_aud
Value: ABR4XmNgYGBILJ%2FEDaQggImB8cZyEJPxxlIgCQA%2FegR2
www.nst.com.my/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nst.com.my/ Name: pbjs-pubCommonId
Value: 41039164-7947-4ff4-875b-f90298ae5a0d
.nst.com.my/ Name: _gcl_au
Value: 1.1.967178468.1635226124
www.nst.com.my/ Name: cto_bidid
Value: Ry_4Ul9GMFh0c2p0anBoUHFrVkFMYmVEeXNsZ1VUQnlWU25qVUk1ZmNEUFR0QVFYQXJGRUQ3THZNRjQ2RW1zWUV5JTJGJTJCRkpnJTJCRG9LQjZ5b2tqRHpjNmZDeGJ6USUzRCUzRA
www.nst.com.my/ Name: cto_bundle
Value: bQTa1F9yaExFRmNGdlBJaFdKUEVESVU3QnFJOSUyQkdRMlFQQU9TNEJ6JTJCUm16QnJoTFFjdXEybHJHRjRTdk9MbXQ4JTJGeVhCem9FMWJkNkQ5ZjVLOXpTVHpPZEx0aVZwaU90ZVhuRzF4Y0VGOTB1aDhubHV2c1loQUU5VGUwaXluNkolMkI0MGwy
.scorecardresearch.com/ Name: UID
Value: 10YVTCCLVBESNSX9PRLOKQg1635226124
.nst.com.my/ Name: _ga
Value: GA1.3.2023701743.1635226124
.nst.com.my/ Name: _gid
Value: GA1.3.1851048285.1635226124
www.nst.com.my/ Name: _cb_ls
Value: 1
www.nst.com.my/ Name: __atuvc
Value: 1%7C43
www.nst.com.my/ Name: __atuvs
Value: 6177920cada536f2000
www.clarity.ms/ Name: CLID
Value: d201ba96400e4bb18daa426949e58e3b.20211026.20221026
.nst.com.my/ Name: _dc_gtm_UA-1357345-6
Value: 1
www.nst.com.my/ Name: _cb
Value: X49i-DW4br5Z2Pg5
www.nst.com.my/ Name: _chartbeat2
Value: .1635226124502.1635226124502.1.Dr00Z4BYgffSBPtvVX5YfzDBlA5Qr.1
www.nst.com.my/ Name: _cb_svref
Value: null
.spotxchange.com/ Name: audience
Value: 96808430-361d-11ec-a063-1ee5b9e10306
.doubleclick.net/ Name: IDE
Value: AHWqTUkbaLvuzlnEsHhePmYCdNSAM7V7eGZnuPWs9EostaVDKCY1hiSFMJlOVSRZ
www.nst.com.my/ Name: enableAds
Value: no
.c.bing.com/ Name: SRM_B
Value: 004281E472716277313491387333634D
obs.cheqzone.com/ Name: cg_uuid
Value: 6d20c45031d0754df6df82aef86c08d4
.openx.net/ Name: i
Value: 41039164-7947-4ff4-875b-f90298ae5a0d|1635226125
.addthis.com/ Name: uvc
Value: 1%7C43
.smartadserver.com/ Name: pbw
Value: %24b%3d16930%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 370834=4637128
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D75219%3B%24qt%3D152_507_40976t%3B%24dma%3D623
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D75219%3B%24qt%3D152_507_40976t%3B%24dma%3D623&c=1&l=474544638&lo=1274008498&lt=637708301250980510&o=1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 004281E472716277313491387333634D
.c.clarity.ms/ Name: ANONCHK
Value: 0
.nst.com.my/ Name: _clck
Value: 1xkjmjj|1|evw|0
.nst.com.my/ Name: _fbp
Value: fb.2.1635226125156.314776689
.nst.com.my/ Name: browse_abandonment_article
Value: 1
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlcyMjc4MTg5ODAwNDAwMDBDSA==
.smartadserver.com/ Name: pid
Value: 2822817571359180848
.smartadserver.com/ Name: pdomid
Value: 16
.openx.net/ Name: pd
Value: v2|1635226125|gekin0vNiygu
.nst.com.my/ Name: _ym_uid
Value: 1635226126732349688
.nst.com.my/ Name: _ym_d
Value: 1635226126
www.nst.com.my/ Name: _lr_retry_request
Value: true
www.nst.com.my/ Name: _lr_env_src_ats
Value: false
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDJJNjVLszRNSkw2NUo1TjI0SExLtUwztUi2MDNNsjRnAILE8kl8IBoKAGR6Csk%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBILJ%2FEB6SgAAAS3QF5"
.yandex.ru/ Name: ymex
Value: 1666762126.yrts.1635226126#1666762126.yrtsi.1635226126
.yandex.ru/ Name: yandexuid
Value: 9359048871635226126
.yandex.ru/ Name: yuidss
Value: 9359048871635226126
mc.yandex.ru/ Name: yabs-sid
Value: 2420867761635226126
.yandex.ru/ Name: i
Value: 4pV+l1/9HFZea9jJKj4Lxlrh4sQOlgQnnXf53rlb/CYdOqGs+h4nqZNpnw0OHxH4ETTiFMwJAxmxhYyUTKaMilAfHio=
.adsrvr.org/ Name: TDID
Value: 9d1cd784-0906-44e2-8fcd-fae755cc31e7
.nst.com.my/ Name: _clsk
Value: 4brka6|1635226126382|1|0|f.clarity.ms/collect
.nst.com.my/ Name: __gads
Value: ID=c661d3eca26a20f8:T=1635226126:S=ALNI_MZmxEmSCGqYmKcG6u95ABjqQcIsAQ
www.nst.com.my/ Name: id5_storage
Value: %7B%22created_at%22%3A%222021-10-26T05%3A28%3A40.534376Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.nst.com.my/ Name: panoramaId_expiry
Value: 1635830926411
.nst.com.my/ Name: panoramaId
Value: 345a26adab0939f19867ec71e9f54945a702fa4057012218b13fc08834a26c96
www.nst.com.my/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%229d1cd784-0906-44e2-8fcd-fae755cc31e7%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-26T05%3A28%3A46%22%7D
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 1076647013fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1346863572fake
.webvisor.org/ Name: yandexuid
Value: 9359048871635226126
.webvisor.org/ Name: yuidss
Value: 9359048871635226126
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.google.com/ Name: NID
Value: 511=KfyPG_2PzOK9af1Y7cEVQCasbEd9de7DldXk6cgAdPE1PB6_yqZx3ZzCZEq1IvB0h_M6U1s74qBfPGgP0Ut8sPrNZL167cbaQt8fogwb2QftjqCv3g4UF96aBsP88jaMVoJ3aYuoUmV3lYXCADJHhFuq2IJvZ0KafEVVchOjYmI
api.vodus.com/ Name: thirdparty
Value: yes
.api.vodus.com/ Name: Vodus.Token
Value: eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
.www.nst.com.my/ Name: Vodus.Token
Value: eTltTFFtc2tGY2k1RWE1K1pURGtBWUJHOTYxWkRiWHovVGVmSGxkMzJ2SmRYY2ZJOWN3RzV3d1Z2b2U2OHFqZUd0TU9DMWlaa2xzWU45Z09IYUUvMjk5NXVCNlE2b0RjOFc0bEpYRmFsYjA9
.www.nst.com.my/ Name: vodus_cc_parameter_last_sync
Value: Tue Oct 26 2021 05:28:49 GMT+0000 (GMT)
.www.nst.com.my/ Name: vodus_cc_parameter
Value: {"Interval":"240","Delay":0,"CTCTimer":5,"CTCInterval":60,"Language":"en","ModalClosable":1,"MinSessionCount":1,"NoDemo":0,"CCType":3,"DailyAllowance":0,"DemographicCCType":3,"DemographicCTCTimer":0,"DemographicInterval":0,"CCScrollTrigger":20,"CatFishPosition":"bottom-right","ChainQuota":0,"BannerMode":"0","IntervalBannerMode":0,"STOAfterTotalNoResponse":20,"DMPType":2,"DMPCode":"7270","DMPTargetAudience":"ca_495","DMPTargetCode":"5e6ad014-1f46-4c4f-94a3-1107d60775a8","IsAdminCCControl":false,"IsJSConsoleLogEnabled":true}
www.nst.com.my/ Name: pageType
Value: channel

52 Console Messages

Source Level URL
Text
security error URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network error URL: https://podcast.mediaprimalabs.com/index.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://s7.addthis.com/js/300/addthis_widget.js(Line 69)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://s7.addthis.com/js/300/addthis_widget.js(Line 69)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://s7.addthis.com/js/300/addthis_widget.js(Line 69)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://newstraitstimesmalaysia.api.useinsider.com/ins.js?id=10001457
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263(Line 17)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/360/pwt.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 548)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 518)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 518)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263(Line 9)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263(Line 9)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 26)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 26)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network error URL: https://t.pubmatic.com/wl?pubid=121793
Message:
Failed to load resource: net::ERR_FAILED
worker error URL: https://www.nst.com.my/world/world/2021/10/739628/russian-hackers-behind-fresh-us-cyberattack-microsoft
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
deprecation warning URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
security error URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://assets.nst.com.my/assets/js/desktop/app.js?id=4bac2d8a48f451c792e9
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3001496-new-straits-times.cf.ivideosmart.com
7690f6bf04f3c74273fbe89bb0e7ba87.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
api-public.addthis.com
api.rlcdn.com
api.vodus.com
apis.google.com
assets.nst.com.my
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
cdn.aralego.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
eu-u.openx.net
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hdrbd.ivstracker.net
hit.api.useinsider.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
images.says.com
imasdk.googleapis.com
ivxplayer.ivideosmart.com
js-sec.indexww.com
location.api.useinsider.com
log.api.useinsider.com
log.outbrainimg.com
m.addthis.com
mab.chartbeat.com
match.adsrvr.org
mc.webvisor.org
mc.yandex.ru
mcdp-nydc1.outbrain.com
mediaprima-d.openx.net
mpdrec.nstp.com.my
newstraitstimesmalaysia.api.useinsider.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p-events.ivideosmart.com
pagead2.googlesyndication.com
ping.chartbeat.net
player.ivideosmart.com
podcast.mediaprimalabs.com
prg.smartadserver.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
static.chartbeat.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.aralego.com
sync.search.spotxchange.com
t.pubmatic.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
v1.addthisedge.com
vodus-api-serverless.azurewebsites.net
vodus.my
voduscdn.azureedge.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.nst.com.my
z.moatads.com
3001496-new-straits-times.cf.ivideosmart.com
imasdk.googleapis.com
mpdrec.nstp.com.my
s7.addthis.com
sync.aralego.com
t.pubmatic.com
104.16.18.94
104.16.85.20
104.16.95.65
104.17.168.114
104.17.169.114
104.17.171.114
104.18.12.80
104.18.18.113
104.18.19.238
104.212.67.232
104.26.4.103
104.75.88.126
13.107.213.45
13.224.190.164
13.224.196.32
13.224.196.43
13.225.78.101
13.225.78.13
13.225.78.37
13.225.84.38
13.76.245.96
142.250.184.234
142.250.185.134
142.250.185.161
142.250.185.226
142.250.185.66
142.250.185.98
142.250.185.99
142.250.186.100
142.250.186.129
142.250.186.130
142.250.186.138
149.5.244.199
151.101.114.132
151.101.193.108
151.101.66.202
157.240.20.19
157.240.20.35
172.217.16.130
172.217.16.142
172.217.23.98
178.250.2.146
184.31.84.150
185.33.223.178
185.64.189.112
185.64.189.226
185.86.138.32
185.94.180.125
2.16.186.10
2.16.186.27
2.18.232.28
2.18.233.180
2.18.234.190
2.18.234.21
2.18.235.40
20.188.98.74
20.84.22.197
204.79.197.200
216.58.212.136
216.58.212.142
34.120.133.55
35.244.159.8
50.16.211.97
52.142.114.2
52.209.129.133
54.36.109.47
54.86.215.174
69.16.175.10
70.42.32.159
74.125.133.155
76.223.111.131
77.88.21.119
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0763dc88e8ecca9d2ed938724ed3214b08f4e257b549f3fe5940eb93dc210e82
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e2fccb877b1db9c1178c0d4b8b576658a91f8e2572620b6a173c5d59a2a3f60
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5fd8fd304c26e98b9ec45b747d9df6230423efbebefd6d6b7a30ea589a7677
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
1433a1588f74d9dd724983361df4defe48901f200c54e7cdcd64fe9cf06fd433
1453bf9973d7a5f036de806193894a36df7296fac0c5b9c5ad0319bbdba87953
164e25b728d69e104cff2679fdbe9f1bb302c63b0d48954316019b1901747bb0
173d0fa2811e259341dfe113b1af3b7b29ab7165a136b3f7d5183caf6f266b5b
17ca0c3d686759045c7ee0a22cf8510fe4e2178a9ed8b72e894e01dd19f6177f
182e92b39b0565d8412432f2f318d51e68b1c0c879fc9edac0527285bbb743bb
189cd4000dc90e8b2ce95089c9b360465ede5611242a8fbaf33c08d6db1dbace
1b2cfccaad64e8d3a7c431218b2924a433c08b3a89f8d003d49da62e8d078c0b
1bb5f107c579ed9e47a5c25bc7bfc9cf4ef97e11e652b43a720711a2c3d69378
1ceb4793aace2aa50366c235aee789749d7212e0e3b39616893fe4c55f44d9e4
1d05b65fe018b033643449c09121df2d26dd5ea4bf41dc5ce69a065ee5487974
1ec4ebbd64514a58c9f89f8dabeadd5f79d2839c054ee325ec5b2f264c404907
1f51166899f96e582bc10b3361c7452d1b54eb4be542b1ae61dc3c57c567c20e
1fd0515fff09f54086050f9300c9a25d154b83af457a37e33688e905745e986b
200b50d88a2a44f1b44b3b3bbd0cbd996fa4d3b7f618c058c566526a5f20e707
200d53517adf1ab1f6e29e336151289561a233c1d07c953b2ad2f715713bbb23
209373112ec7c64611a0a236a1f4ef26fe0f2732d6513160e9185b98d8b6da6d
20de046ccbac77d387a0ae9aa99bf88971dda9c28b725ade7dc266011bafe92d
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
255dc1412e7a81505c786c462f6c6f795092d6a98a707b04aca457749e28ee92
25e89d49cf99e6300d198a012894ffe80b242bf217b9681bb25b715c72b97641
25ff6c340c9ca854b842a8474ad3287abba48f5de15983ac999d3ec16f8fd5d0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27cf5ee5ae2f3f496bbdc1cda924a35eba5003163589044a7a6b6c56aa335d4e
298b3071e789b3d36913814f319e6a973fcb6ef5dcd0514b135727a6c3d171cb
2d7dd7f017c48a5382f703aaf0bfa16716d3191ec4f70b32f41eb6e7d4f72ca2
2db4a24b6838d16e6ad8c006448c75ef04b6aa3b3a96c749d7b100252b6a5e0a
2eb5e61cae897b70f29ed1ae87775f171cd4c40bbb1d337086443b9bde31090a
30bace2a4efc20c4c38131eee9e2906bdde40b6714ab7534295230ca493bb434
33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5
359f5ba822b2b6605fe5f4f38d2fbab678e12b742a43419536dcf418406f1e93
36a40717c9e66d212c9a11f312c0a2f56a77bf497b1214433d2c846175724e35
37fb546f8426b457a1ad6fa0f6eef42a199837d34d79cd3c4df1162c2c19abd6
38a25ba1c3d266a3326449ea62d90174a54fcadcb6823e6a863a8339f187adc5
38c509e7eb5026c7ae0327841927fc90695055c770dad4b41695209dd7582e96
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b1a9ea322a63b6f0e2b915b99f0496dc7b026a068b1753d7e7287e178227923
3ba204eb6b5ddfd1793407cdd021c7c3f02b0a6d07ea711283a502f3b594e448
3c805049772d7a07272b57fe9dd27b4ff5e5cca40a3b6ff0295ddeb5aa8a45bd
3d54f1bb0e7bb7f7a8d5a4ed048cfb8fac028077d537660033f67c99c3ec7f8f
4325234993fd7fca892b655018e0f70a51582869cb038cfdebe0576bc4154fa8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f46c8b13ee24c473d9c9605a1df324cbbf26eb47625ca34d7bb8ed8560da37
49505b85b3f6577dcbcbcdb4f40056a81b655d416c868d44d36737838c87af33
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4dabd1b9630e605dca0078d805fff2b99121cfb2d3fb3f4b2ff309f47fb060dd
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5224e0d0f42b4b7b5157aea952edca48312aed15ccef397b4c731dbdc0e75c54
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
56134bdb4b4108a798f7a820f4d8e4bf7df4c7a3150f9e61e6c5f4c9c783d436
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
56403487b9febac7f3d89dbf3ab8b6c89f1f6b608ebeb14fecf0ad756b9fe6d7
596d1162b5761bba0b28f0454e88472bd0a91664f00a84c5b89187934f94b758
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60ae7042861cf43c2e66c97bc534e2fe493d9d64b6fd6313845627429c01d6e6
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
627d1d5f13f6055a68058845719f2775e5fe6de104b6d68c54ad1558bcbca061
647a39224ced6f2cb726683451872eb2e0d9b9bdcfb74a197ed52883b5f3a9b6
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
67078959ea97bf1c45d7fdee4667409bef9e877c9305d0961daffbc1bf4fc2fb
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
68353ac443f78deb984d00996402bda635485ccca37bad66f8b84f91ab50ce84
69bb700117e1c4431a95eaf1d70411b17453e9cb35242d9da0254a877f4c1281
6b685959b75a7053c70278505ebd718fa6a1af70ed0acf2dc418fbb70ae35192
6bbb5e354138bdacaf7fe81409ec991637f79792f4a140480764628a993e7251
6dc49e64c55df20931a1ffb638364e2efb42e65b692dd4aa5759c6868ae2294e
6fa6ed9d3aec30cb607f4fee66144d2d3192124d3a6722367ee11c128fed8c89
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2
753584f46703a628d123654f8374f810ec4eaff6f8474beafc1eadcea7a6f91b
762b993a82d1c3c930d86f222059b0bbcd0faba40f0e7d4b34799bcc3cca0e7a
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
781f42373d0f68c4c15dcc3aa3c4469523de3d54198a6e0997edaa8ebfe0d7d6
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
78f5b4df79e3334e6dd8aef82ee49878f8e119d628a8e402d606c3f34bc07bc8
794fd6e8fd3e9efba6728cbb7729e6245036343d96cc9241a747e4f1f6fa92c7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7fcb57eb9682bc01ed2a77c8bffe1a5f1c5ab42a20993c4b2e9b729755e3b628
80e112f302dc9e0e4167ec6030a7be016734cbddf0fbcb5bad8476b5290ec39f
827aeb41ea8092f1806ef3d4de3b2fc9cd60b5db524dc1186d6f662ca9a7e7d5
828e2359ff39cad670818dd76a29609e0f30f217b6b59a58094328cf67d1c59f
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838a0754f89d844556ba3d4ea7e5886b48c9de9d796719e1a9f48575006a5ae5
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
84986d42eb31805610b2dbad9b34194433ef92058a436a6c5f13eda4502b85b4
854eeab54c92762230493a02ad6c7227d0ae34a0605605b5fd5f668f0310d241
86336b4ed2e23c85cad3232ac599703ddda1fc74e36aecd38564d6066b9d9b33
86f10078e62c98e55ec569665babe860af9f50a4b4684a575a9bf97c91f70f79
88e8afcece48b20f360bd0ea0d5503d2787970fe83f09ea92b374b06d363533d
89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
8e092967f74b579ae1700b233cd0900c3c728360179dfbcc16cff9e9201e9cab
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9536bbef911d2487ce7c66e1dd1be85105e1edace8b00daadcd6eddaa9431018
96ce69a7e6d839f6895f9f03a2abc47740148cf71912e11fa386ddd86cb39d32
9809cf3cdac218fd53416478f37f4490e1b848d1a1000dc2ee5b16abf672c619
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
993045a931944bc733d47a35ad05beb326d03bd5b821476925993d85ae4d6883
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a70ce75334bf797f6483993e6c7563e26de663be65be43925d3b0907ceae075
9ac442b673ba2d232f592393f82260ece7d59a4105aab8894586cfedbdb340ce
9d83121a5242fd08642d5791a2c7536b9f20291498977184992a6a1db5808f05
9dab05836d6330b376d4a649ab812cec030e5a1d2530097cccabb8f41605d83d
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a333384462c0747d7c2cdb7504053fc25bd568427e6dfe9cd9d9b05b908aa18a
a3b7eaa94adc989307a86839dd51e44b4d2beb5476ab52594a813f25820369e9
a461c27035a07006accddf473b2e3fd2430c1db950baae35b8ff5048e1ff8103
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
aac0a35ab89f973a07523687c4adb7cc0842453537ca651dc77fdd08b0f172e6
ab3064db5604c5db6ae21d949a6edbd2ca6352152518bc87b6432ee4e68726a3
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ad0bcf4fc728dd8c9aab8d2c72a627b67f0906698fd5130cbf8c68a254dc2a27
ad3cdcf42b1f1e15473b86288efdbb013bb30bb6f00a72a8f0a6b3ee74da722f
adbd2d20a9543ad40a5a66a187209902d1013e67b569fbee9bac3f7d9dafc474
adfb79a26803aedc9e5880eed1c452c32ab63a237614d1d6c5c10b1527ef856c
af25308f5b720e91d96b9c79c2a2bcbcbb1051b4b5f08233b4e48fc992d1a8aa
b005a277a69f1f133d71be508aa8509685d06fb0783aeab37e33895108731218
b0e47ef0aee38750e68139747cf5e05d9f48d501bdccee58da9dd0831b026182
b0e5f79c37d09a5c3207d815d266c8d85526e57546a73c0cbbcbdc2230190bcf
b1290b86b3cc26df40a5317afa35187b41827af9330879ffca0f727f12321a7c
b2631ed02ef233f24053282523599cf99516637ce3eed1e685061b45e1fda662
b3c311f12f59910a0e295ef30baf0a06a558cf6c03537707c332f40d21f7f3ee
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5e5e666649d948dfea9068869116af29cc9186d19d611496e395eeb410c2592
b5e7e9e27e469ad93a5ae8b4dbc4f87e3e9cc41815d8564d123e13eb007f17c0
b673444dccaee520d7ac885452590d06ecabaf158188308c8a6bd44f4ee8ac86
b7ef7497d2d27a0884f3eedf383f2144a734ea0c8fb0a8ae1798b62990495fcd
b946d55019679e639858dd3cb561b516b0329ef2cdaa4be7e30234defa506b5a
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
be8bf5f51a87d5f3d8f069ce9add21558c07b363f25122d54c478fcdb69291cb
beb6dbf3c8d424f3197bada989796b249ce027faf265261581e4cfd543f93600
c0670a1c73e650c4dc1b521e54081021efaeb3d57ca0283b3a1e8989883ccfa2
c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3
c68c032c34622727351e76727fa64f8aee23b90b8924a2ab8cb5fa73a9fba1cc
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e
c7c5d2ff8388dfe32e17e61da3d010954a90f56f52e088e169be8d98286d3099
c8139748fb3309fcea3646bde94855641e2e422552f67013142ae92a8a113aa7
c82d3cf22203ba7ff9a677ae42fe9567d8a7b0ce834456e91f7e7687a7c3aa7a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca36f873de4179ff98881f5ffe29fab13c4a0327bc5539347bb4d671609b156d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd842109bb80029dd1cf8231b73444120478d211da502d9a23e3f3e5139920b1
cf15467d3e2b0a260dd0075fd0c234947455ecc684fede410b014bb5eb59e10d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d224bf6607246117f6fb37fcf1f83f1c1d14d5c99d46d8aed600f85ea1447f44
d3cf33b63eb0628996513da291795b90a0d745055fe9d7b9a1ef7aeab0f82688
d4bddeadeda017ccd60ad04f29ae031af6bd78465ceea895cc988acff3330c98
d4cbc8dfae5d75eaf03110760378ed5c27145748e09057a0a3346bf9360de912
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d63100ed4bbce728893122b768e7ab006f4a415d8001731899bbf8c0ddea2b93
d659b0ebd2557d1e35fba8bf8fcd3aedc04ff08d2d737e38633548180f35df4e
d933a2cea24a2cbfa1c749c127db4f222a425463fbaf8f6fdd24c5a3a2fc3c95
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbaaaac62efda76a2053d058c682c09fa801ecf1f7eb8967c3ea9c40c6375258
dd5a327cacc6d55aaf0fbd27f6c312e0dfeac90d75c625ef085d0b7cf076886c
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
e0034c436625653fddeda1284739402f2237dd48533a17cf92585725cde07d28
e0b6a43356cf66c59980d2ad8dcf09d41c04fb219a422fd4ad6c8fa4fed7a898
e0e83c5616ed511922ad60ab6c29720d0bb8b7325c08e745b1cfdfb2e82153c2
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56
e23a4e032b9b1dc7ed992b680df42bcc5ae15bf7e8573a6ff2cc694235adcd38
e24b68c44e525ab549052d6691eb27280a003523df1c6e6713cc980d4ce6f67a
e2685129ff1375b236e63180357cc86e357c371851242a48de77c85571e83abe
e37a6f5b4a9288dad70a0cabf87c08989b4042bc6ca7fa3b1fef3f6ab4cc509a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83ef45650ff1cf64961dceea45696d656b412d8f1885fccccb5e4925d1a5fe1
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ec2bf6a7a80f155c4e013762780384afc0804cdce41de7ca50682d6607e19154
ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a
ed02212bdc9d93554d8645301fb1b7123480302e0492e770bb43c8e13e7b75b5
ed0d99d45018b58a8210d98eb679d0c54d7722604ef6a1eb594ed5430df6ccec
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
ef00fbcaac23ad8aa2a6c230d1ffccb345dcb62885bc2660bf4159fcf0cf9721
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e32026d7bf748f81aebc6ec1e8be7be1449e447a457b293120be942c79e2cc
f65bbe2421e8490072159f5e96fc4c192a16fdf907a6f6f96a6046eb5ea10d4f
f6811758de71db83adc969de9f51a0b249b3a228e0ac701aca211802458c7d76
f83e10a26b56cd40a0d1329b2129e6ac391d69982444cd6edbff8adce2643784
f8795ef8355b65a92168f864d5bbd589b08e7472c0e9eca4b250acd91d0a858f
f899ff7b79b09d5aac742b446aa8be019cd687e3781f76be8030a01cc567081d
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5
f99580135a88896363c691eb4a5c8d00351e120484fdd120dd29bc9202713db9
f9a2c72426ae89dbcd29f7cf81307d4a4940f643627b21bc5031276ffe058b94
fb275a4170a097ee1163244167c39ff0c316fec506ce21f52fbb4af11c739f13
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
ff29c8b43098b8cc4ad6ec2f1c90eb705bb73beb780b3621dee7bc91b684281f