urlscan.io logo urlscan.io
SecurityTrails logo

www.straitstimes.com Open in urlscan Pro
152.195.53.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-wa...
Submission: On May 19 via api from TH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 79 IPs in 9 countries across 49 domains to perform 464 HTTP transactions. The main IP is 152.195.53.15, located in United States and belongs to EDGECAST, US. The main domain is www.straitstimes.com. The Cisco Umbrella rank of the primary domain is 89632.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 29th 2023. Valid for: a year.
This is the only time www.straitstimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 90 152.195.53.15 15133 (EDGECAST)
10 152.195.53.10 15133 (EDGECAST)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.225.78.116 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
2 65.9.66.122 16509 (AMAZON-02)
25 143.204.215.113 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.74.214.156 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
2 37.252.171.22 29990 (ASN-APPNEX)
1 104.19.150.54 13335 (CLOUDFLAR...)
8 34.107.254.252 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2a02:2638:3::3 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 95.101.149.35 16625 (AKAMAI-AS)
1 18.156.109.169 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.116 16509 (AMAZON-02)
84 23.32.185.60 16625 (AKAMAI-AS)
7 151.101.194.244 54113 (FASTLY)
1 2a04:4e42:600... 54113 (FASTLY)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 143.204.215.13 16509 (AMAZON-02)
6 54.251.221.242 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 5 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 3 13.32.99.105 16509 (AMAZON-02)
2 18.138.40.123 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
2 13.225.78.89 16509 (AMAZON-02)
40 70.42.32.191 13789 (INTERNAP-...)
1 178.250.7.13 44788 (ASN-CRITE...)
1 1 3.33.189.110 16509 (AMAZON-02)
1 5 93.184.219.231 15133 (EDGECAST)
1 3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 34.233.50.152 14618 (AMAZON-AES)
1 2a05:d014:5d3... 16509 (AMAZON-02)
2 18.198.157.165 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 146.75.122.132 54113 (FASTLY)
1 3.65.115.184 16509 (AMAZON-02)
6 2a03:2880:f17... 32934 (FACEBOOK)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 212.82.100.181 34010 (YAHOO-IRD)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
4 52.220.136.47 16509 (AMAZON-02)
2 20.62.48.180 8075 (MICROSOFT...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638:d::13 44788 (ASN-CRITE...)
2 2a02:2638:d::11 44788 (ASN-CRITE...)
12 151.101.66.137 54113 (FASTLY)
1 2a03:2880:f08... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
2 151.101.129.44 54113 (FASTLY)
1 99.80.210.150 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
2 141.226.228.48 200478 (TABOOLA-AS)
1 13.248.245.213 ()
464 79
90    152.195.53.15 (United States)

ASN15133 (EDGECAST, US)
www.straitstimes.com
10    152.195.53.10 (United States)

ASN15133 (EDGECAST, US)
adtag.sphdigital.com
cdp.activation.sph.com.sg
1    2600:9000:21f3:9600:1:d14c:f1c0:21 (United States)

ASN16509 (AMAZON-02, US)
dsuwzj1tch87b.cloudfront.net
1    2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)
5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
5    13.225.78.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-116.fra2.r.cloudfront.net
cdp.sph.com.sg
2    2600:9000:2057:2c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
25    143.204.215.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-113.fra53.r.cloudfront.net
static.mysph.sph.com.sg
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
3    2606:4700:20::681a:d56 (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    52.74.214.156 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-214-156.ap-southeast-1.compute.amazonaws.com
suid.sphlabs.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
5f876161-9740-4cc8-9b64-4585990b2690.prmutv.co
2    37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
12    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    18.156.109.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-109-169.eu-central-1.compute.amazonaws.com
tlx.3lift.com
13    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net
global.oktacdn.com
84    23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com
amplify.outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
7    151.101.194.244 (United States)

ASN54113 (FASTLY, US)
static1.straitstimes.com.sg
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    143.204.215.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-13.fra53.r.cloudfront.net
neuron.platform.sphdigital.com.sg
6    54.251.221.242 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-221-242.ap-southeast-1.compute.amazonaws.com
streams.cablecar.sph.com.sg
1    2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
3    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    18.138.40.123 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-40-123.ap-southeast-1.compute.amazonaws.com
segment.api.sphdigital.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.225.78.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-89.fra2.r.cloudfront.net
sg-config.sensic.net
40    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
mcdp-nydc1.outbrain.com
amplify-imp.outbrain.com
b1-nydc1.zemanta.com
b1t-nydc1.zemanta.com
widgetmonitor.outbrain.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    3.33.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com
idp.mysph.sph.com.sg
5    93.184.219.231 (United States)

ASN15133 (EDGECAST, US)
tagweb.straitstimes.com
3    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:9000:20eb:dc00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    34.233.50.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-50-152.compute-1.amazonaws.com
ping.chartbeat.net
1    2a05:d014:5d3:cea0:34bd:20cd:7c62:c2d5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
1684467802528bdf94ceb08543450737941e2aa1e7646dac90ec9179.trk.sensic.net
2    18.198.157.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-157-165.eu-central-1.compute.amazonaws.com
sg2-s2s.sensic.net
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
13    146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
zem.outbrainimg.com
1    3.65.115.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-115-184.eu-central-1.compute.amazonaws.com
fc-id.sensic.net
6    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    52.220.136.47 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-136-47.ap-southeast-1.compute.amazonaws.com
highway.cablecar.sph.com.sg
2    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
2    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
12    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    99.80.210.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-210-150.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
Apex Domain
Subdomains		 Transfer
105 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2968
widgets.outbrain.com — Cisco Umbrella Rank: 1399
tr.outbrain.com — Cisco Umbrella Rank: 2826
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3415
mv.outbrain.com — Cisco Umbrella Rank: 1929
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5858
amplify-imp.outbrain.com — Cisco Umbrella Rank: 4240
widgetmonitor.outbrain.com — Cisco Umbrella Rank: 8859
256 KB
95 straitstimes.com
www.straitstimes.com — Cisco Umbrella Rank: 89632
tagweb.straitstimes.com — Cisco Umbrella Rank: 165020
626 KB
47 sph.com.sg
cdp.sph.com.sg — Cisco Umbrella Rank: 135128
static.mysph.sph.com.sg — Cisco Umbrella Rank: 123839
streams.cablecar.sph.com.sg — Cisco Umbrella Rank: 175337
idp.mysph.sph.com.sg — Cisco Umbrella Rank: 130328
cdp.activation.sph.com.sg — Cisco Umbrella Rank: 147108
highway.cablecar.sph.com.sg — Cisco Umbrella Rank: 128860
1 MB
22 zemanta.com
b1-nydc1.zemanta.com — Cisco Umbrella Rank: 4794
b1t-nydc1.zemanta.com — Cisco Umbrella Rank: 4152
3 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9070
csm.eu.criteo.net — Cisco Umbrella Rank: 8905
94 KB
13 googlesyndication.com
308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
59 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
188 KB
12 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 389
40 KB
10 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2625
380 KB
9 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2499
api.permutive.com — Cisco Umbrella Rank: 1909
9 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
142 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
graph.facebook.com — Cisco Umbrella Rank: 134
930 B
7 straitstimes.com.sg
static1.straitstimes.com.sg — Cisco Umbrella Rank: 124838
99 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 952
e.clarity.ms — Cisco Umbrella Rank: 19669
c.clarity.ms — Cisco Umbrella Rank: 1495
22 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
2 KB
6 sensic.net
sg-config.sensic.net — Cisco Umbrella Rank: 104830
1684467802528bdf94ceb08543450737941e2aa1e7646dac90ec9179.trk.sensic.net
sg2-s2s.sensic.net — Cisco Umbrella Rank: 90718
fc-id.sensic.net — Cisco Umbrella Rank: 48412
22 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15150
ads.eu.criteo.com — Cisco Umbrella Rank: 8856
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10084
56 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
68 KB
6 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3728
30 KB
6 sphdigital.com
adtag.sphdigital.com — Cisco Umbrella Rank: 115109
segment.api.sphdigital.com — Cisco Umbrella Rank: 134440
110 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
www.linkedin.com — Cisco Umbrella Rank: 603
px4.ads.linkedin.com — Cisco Umbrella Rank: 6328
4 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6080
adservice.google.de — Cisco Umbrella Rank: 9037
1 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 343
c.bing.com — Cisco Umbrella Rank: 232
15 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 899
trc.taboola.com — Cisco Umbrella Rank: 635
trc-events.taboola.com — Cisco Umbrella Rank: 1846
20 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
242 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
362 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
844 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1351
mp.4dex.io — Cisco Umbrella Rank: 1975
25 KB
3 queryly.com
www.queryly.com — Cisco Umbrella Rank: 10129
15 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1025
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
19 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1564
mab.chartbeat.com — Cisco Umbrella Rank: 2400
25 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 239
940 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 696
92 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 558
7 KB
2 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 11905
58 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 508
eb2.3lift.com
666 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
78 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
5 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099
633 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1280
201 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 825
391 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 725
5 KB
1 sphdigital.com.sg
neuron.platform.sphdigital.com.sg — Cisco Umbrella Rank: 184532
6 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1373
393 B
1 prmutv.co
5f876161-9740-4cc8-9b64-4585990b2690.prmutv.co — Cisco Umbrella Rank: 172051
397 B
1 sphlabs.com
suid.sphlabs.com — Cisco Umbrella Rank: 244897
395 B
1 permutive.app
5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app — Cisco Umbrella Rank: 110154
112 KB
1 cloudfront.net
dsuwzj1tch87b.cloudfront.net
2 KB
464 49
Domain Requested by
90 www.straitstimes.com 2 redirects www.straitstimes.com
static.mysph.sph.com.sg
82 widgets.outbrain.com www.straitstimes.com
widgets.outbrain.com
25 static.mysph.sph.com.sg www.straitstimes.com
static.mysph.sph.com.sg
13 fonts.googleapis.com client
static.mysph.sph.com.sg
12 js-agent.newrelic.com www.straitstimes.com
12 static.criteo.net www.straitstimes.com
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
11 b1t-nydc1.zemanta.com widgets.outbrain.com
11 b1-nydc1.zemanta.com widgets.outbrain.com
11 amplify-imp.outbrain.com widgets.outbrain.com
10 zem.outbrainimg.com www.straitstimes.com
8 api.permutive.com 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
www.straitstimes.com
7 static1.straitstimes.com.sg www.straitstimes.com
6 tpc.googlesyndication.com 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
www.straitstimes.com
6 www.facebook.com www.straitstimes.com
6 cdp.activation.sph.com.sg www.straitstimes.com
6 streams.cablecar.sph.com.sg www.straitstimes.com
6 www.google-analytics.com www.straitstimes.com
6 static.addtoany.com www.straitstimes.com
static.addtoany.com
5 pagead2.googlesyndication.com www.straitstimes.com
www.googletagservices.com
tpc.googlesyndication.com
5 www.google.com 1 redirects www.straitstimes.com
308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
5 tagweb.straitstimes.com 1 redirects www.google-analytics.com
www.straitstimes.com
5 securepubads.g.doubleclick.net www.googletagservices.com
www.straitstimes.com
5 cdp.sph.com.sg www.straitstimes.com
4 imageproxy.eu.criteo.net ads.eu.criteo.com
4 highway.cablecar.sph.com.sg www.straitstimes.com
4 mcdp-nydc1.outbrain.com www.straitstimes.com
4 www.google.de www.straitstimes.com
4 connect.facebook.net www.straitstimes.com
4 bat.bing.com www.straitstimes.com
4 www.googletagmanager.com www.straitstimes.com
static.mysph.sph.com.sg
4 adtag.sphdigital.com www.straitstimes.com
3 mv.outbrain.com www.straitstimes.com
3 px.ads.linkedin.com 3 redirects
3 stats.g.doubleclick.net 1 redirects www.straitstimes.com
www.googletagmanager.com
3 sb.scorecardresearch.com 1 redirects www.straitstimes.com
3 www.queryly.com www.straitstimes.com
2 trc-events.taboola.com www.straitstimes.com
2 bam.nr-data.net www.straitstimes.com
2 c.clarity.ms 1 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 code.jquery.com static.mysph.sph.com.sg
2 e.clarity.ms www.straitstimes.com
2 www.clarity.ms www.straitstimes.com
2 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com www.straitstimes.com
2 sg2-s2s.sensic.net www.straitstimes.com
2 tr.outbrain.com www.straitstimes.com
2 sg-config.sensic.net www.straitstimes.com
2 segment.api.sphdigital.com www.straitstimes.com
2 s.yimg.com www.straitstimes.com
2 gum.criteo.com 1 redirects www.straitstimes.com
2 global.oktacdn.com www.straitstimes.com
static.mysph.sph.com.sg
2 script.4dex.io adtag.sphdigital.com
www.straitstimes.com
2 ib.adnxs.com 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
www.straitstimes.com
2 www.googletagservices.com www.straitstimes.com
308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
2 tags.crwdcntrl.net www.straitstimes.com
2 static.chartbeat.com www.straitstimes.com
1 eb2.3lift.com
1 trc.taboola.com www.straitstimes.com
1 bcp.crwdcntrl.net www.straitstimes.com
1 cdn.taboola.com www.straitstimes.com
1 c.bing.com 1 redirects
1 graph.facebook.com www.straitstimes.com
1 widgetmonitor.outbrain.com widgets.outbrain.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
1 rtb.nl3.eu.criteo.com www.straitstimes.com
1 sp.analytics.yahoo.com www.straitstimes.com
1 fc-id.sensic.net www.straitstimes.com
1 adservice.google.com www.straitstimes.com
1 adservice.google.de www.straitstimes.com
1 widget-pixels.outbrain.com www.straitstimes.com
1 1684467802528bdf94ceb08543450737941e2aa1e7646dac90ec9179.trk.sensic.net www.straitstimes.com
1 ping.chartbeat.net www.straitstimes.com
1 px4.ads.linkedin.com www.straitstimes.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io www.straitstimes.com
1 idp.mysph.sph.com.sg 1 redirects
1 mug.criteo.com www.straitstimes.com
1 googleads.g.doubleclick.net www.straitstimes.com
1 snap.licdn.com www.straitstimes.com
1 neuron.platform.sphdigital.com.sg www.straitstimes.com
1 mab.chartbeat.com www.straitstimes.com
1 amplify.outbrain.com www.straitstimes.com
1 tlx.3lift.com www.straitstimes.com
1 a.teads.tv www.straitstimes.com
1 mp.4dex.io www.straitstimes.com
1 cdn.permutive.com 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
1 5f876161-9740-4cc8-9b64-4585990b2690.prmutv.co 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
1 suid.sphlabs.com dsuwzj1tch87b.cloudfront.net
1 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app www.straitstimes.com
1 dsuwzj1tch87b.cloudfront.net www.straitstimes.com
464 92
Subject Issuer Validity Valid
pdf.straitstimes.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-29 -
2024-05-29		 a year crt.sh
*.sph.com.sg
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-26 -
2024-03-30		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-05-10 -
2023-08-08		 3 months crt.sh
cdp.sph.com.sg
Amazon RSA 2048 M02		 2023-04-20 -
2024-05-19		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
static.mysph.sph.com.sg
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
*.sphlabs.com
Amazon RSA 2048 M02		 2023-02-02 -
2023-10-06		 8 months crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.straitstimes.com.sg
R3		 2023-05-04 -
2023-08-02		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
neuron.platform.sphdigital.com.sg
Amazon RSA 2048 M02		 2023-03-15 -
2024-04-12		 a year crt.sh
streams.cablecar.sph.com.sg
Amazon RSA 2048 M01		 2023-01-16 -
2024-02-14		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-10 -
2023-05-31		 2 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.api.sphdigital.com
Amazon RSA 2048 M02		 2023-02-03 -
2023-08-23		 7 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-25 -
2023-05-26		 3 months crt.sh
*.sensic.net
R3		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.sphclass.com.sg
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-10 -
2024-06-09		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.trk.sensic.net
R3		 2023-05-17 -
2023-08-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-03 -
2023-06-28		 6 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-13 -
2023-08-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
cablecar.sph.com.sg
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.outbrainimg.com
R3		 2023-04-02 -
2023-07-01		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 58 frames:

Primary Page: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 1599E1FECB14633F150D403912A6A419
Requests: 274 HTTP requests in this frame

Frame: https://www.straitstimes.com/concurrencyCheck.html
Frame ID: AAE24475F0D61D55604D3EDFBF30BBA6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.straitstimes.com
Frame ID: 7968043BC65E6AF6152D1F5719DAAC5B
Requests: 2 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: D59A5AF8F9507397017BA8A165808821
Requests: 1 HTTP requests in this frame

Frame: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Frame ID: E2100B919C01EA90501923D5AC8039F3
Requests: 27 HTTP requests in this frame

Frame: https://sg-config.sensic.net/3pc.html
Frame ID: EC4FB6AE2F626B4544889CF507CED002
Requests: 1 HTTP requests in this frame

Frame: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2BCAC9D004CDA43FAE1BBDB4A91B8BD9
Requests: 1 HTTP requests in this frame

Frame: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF3CB04B3E2E626922F81BF93378CA73
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Frame ID: AF1A0BA33AEB9C42A4960B51D4C11C70
Requests: 20 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 44885533493FA60E974D3033E8D22F2E
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: FBBFC2E8A42720FB41B57BA0AF1475E7
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: CCB11BEFD1044B4459CF44EC71AA1477
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2AA029EFB3A2C7CCD23C0FF59482A47C
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 392646A6C722D18B177836E0C77D064C
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2386E53483F7780A7B6ECC42C51B1633
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 545BEE8251CF2600FC47A75C64AC90BC
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 402A2AACC13A612B8BFE1908E385BE62
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: CC63AA0C011C5AD016F672AF5F46D80E
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 66FA764BA2B78DBBBDAC05C4C732377E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 33886E18EEA2F29C2C1E18CA19D58286
Requests: 1 HTTP requests in this frame

Frame: https://www.straitstimes.com/concurrencyCheck.html
Frame ID: EB1CA30E74AB3E63388E90AD2C9DC1AE
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjPHoJzmytIXXp2gobHL15bUYauYYXoONv_xoF4V2-TRYFpJfDlwBm5LjlSPMB3EOBJdv6GaR1yrhXYB-cXRS-2J4hWUB6xzkWH1kAitCDSpy8lHeQ-6PFbhW0UYWzptj9sxo3V4SEIhn5aVoG92ZEnos1BBekEr9UAR71soXmbxT1_9YxXGJaD14ZZ4DsHhe_lvkVn4BWFpjZaj6I-55r66ymJ0JZcPif0maXu_9k5JQmjp2n74PocldjAva0EUJBJa29sRq_y9i99ZVxCKyuYQClW5cMoAL6cMuEpWX5UgRVF7sSGxh8V-hKkGnD0O9sYVniEQgNYC4UWQhr5dgJwuJ89WQmfQCdwEbnEGPDVaCBU2ifbV-8kuVGrl0kIAijCZB_Bi3TV-uH3CeqJwd99ez_g5wm2uqK6vtvlI-0KedzrXDEMSmx0GdtEysxX6Pk7JudGivx1VMEpE72S5x9m29MLiuhd_YrvP1lwIAL277BCiwFjsg8vomaHzw93XI-FMNAtyg3KkBIDwm_c5_skj9mTfX7ry3ddQG1QTO7_FKc2bJIrUY5r0QCPE4qVGBuCWSLIifhoxYr2sqiiKMN1UMckopEJ83NIewDs7E7F6A_O7KyyFoi3eWuq4Po1MvbnniSxVcW6ZN1JAJ8sljXOuDpS6SQh4goGbT_hmRa41-UktD6LuhQxjEptih6P3lPMTzC9y0qJ-Md3ctL4VooFpVo-5FvdTI8UUJq9OeYnZidC1DmqHRRybW1uBCY-Aod_xetM15kwgRNCMnDenfQ45OefbW99Tffb0Mqv-WC13DLk99x-BeoUNiEQiGznv9DWtZ0JiULZdpoZ7fKfXEl6B2bGzfShAl2QzlQ6O346xgs3X0KXxEAF9Bs0a_5ju631AZi3Q6lnlho0UfqXOYsNDWn2EiEfEhju-CWnMqL7ZVm4pvi3y5IFdTEMqAd_Pkfa_CsXST6ZJBAr7kvd669sW4tlzYY0NlE_IdMxPATqn3pGY9OBGshU2s9x8rip9oZ3HNDqZlZsDjIK2dxhMnODByQWZBh88mYYz51Ae82z1pWFHHqPtpqCRbbEkOsdbkOGbhijowBNausl_K7Vda9VXVthrsiAs4EzVGrWU3FZzMuUB-uivk1tzxIfDHPU8Rto_1qkX-WpjjKmaeoqQtW8_2f6D7BgGD24Znzl-QETXmZ5thmrxlpEmqGw_Ll-j8u9nTtRecpNjvL17f1bHX5bfxv9CuepNrYZQUt2qHm4K_QM5m7lsvFCg2d6pBu7Xm0I9n5akh42Dsx8ERVI1LKzBv0wAj2E3z7CkJN1Sn14ql8K_EW8orjjqPIccs02TLNTr3_P217HqfqsnUMQPeTk5N92E2Fy4e8E3abOGmSPp1Ui3kCre_ldcnmkwKvRzRlw%26c%3D460eb8b4%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: DA455ADAF1404DA38E25535A56C44F3D
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: E3A94A449014BB437421F6FFFA1CDCB9
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 1D1831BF807DF8F2CEC79E5EEE84399C
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 1218E357F4DBEA8D9B6E7E9400A38A82
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 167BFFC56276D6CF79B3DC9DDFE648EC
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: A1B2B3C01CC5FB2E7F3C5421C79FF919
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 0701FF86042249B690555F5927918ED9
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 62744F58BF4364891E3FB0B92F6E9E0F
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7239E3426E2D891B5FA5C4F7ADFE76C0
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: FCF30CF1CD48F8F3492FA13B175F2A78
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: AD3889C387B19F5859D68360E0070527
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 63DC3A0DCF9C816F26B0386030D243A8
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: AE6FBFADCCE14239770B5C01FC5DAC47
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 83EB17F26270F41D1406CBDE57A26290
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: BD890FCF72AF9998305EBCC134AEF6FD
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 867005FEE20F6992F99B6588142421EF
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: C6C290B0C4067CCABD2FA47D989CAD77
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 209FC5AAFA185CB8B4752007960B8E49
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 00529D463D4C05B3DE9BB1ED0BC82391
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 9BAFB85A27D48CC0D88690A745CB664F
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7CDFAF4A871291AA30F60BB70051C11A
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 847626ECF1037B25405803F1E63C6BA9
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2BE77711315B186115DA5F79DFB6DC93
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 45A14F788578430A078EF129CE02BC90
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 493D7652E949C94417784F809653B17D
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjO1vtFGcHDEfiA-TDY5Y5CXyxBxNNZxtPdnk185c5246wjzgPaMoX_hx-MH1aZNSH-e9mr63MKZGf8uESOpCtjA0C2kaigFXfgqViD9qLanqsRRSpWPORi_5Nm2sXZ5gdazBq1wIi_s-mMT_Eh3Ma1qKJp8inDNFw9V6WcuNTE98npygLWqPa4_sH9m-iI7j8_u_-atAIzbzw7iDsdhjxzX7JXFjOlJQ-Lgv-f5W3JAZJwqYFJ0vDKNVWbk5wrno9wfTiKDuG5yWae-ivmzJcb6exJeKRPskGq_kfdh_iYV3ScYIWHlUJ2DL2l3FyaKa50CHRoANeVD_D4huqgPYoFltE0jp7XDUANfafoBkqD3RVhQ5cdOf-7bZsRT5UoWU8SNAdPwnGJgmoNe_IKbO2zCyrnmWz31HsGCvTQ8aWoTeHRdSHevq2dj-PjT4aneHZvL-OMQzxNyjEfQ16ojalmdPPffnwSw21oiUdLFWrTyabUD9W8DqvMhRIrDX_xOy64_p_tiVhWbSRdu3s0lP2Dayh7SxGBT2iMZrcIAjabT4zzK6kb4pqU0nmt2IcxMFYYjqbRv2A9V05OS-VUmiqtI2FKN9bGxTMeVXQhHhq1Y9BIEnwmW-imFV-O0y4H7zzpHkev9Wi233aDB1EV_Pgi4c-4yM-FgiyzJOMyiu-GfacEWFGdTX4vGc4PD2KBOgpDpuPciOtkP0SnnLdTR9u-_foztED4K8QuCsdPxDe9-8FzUqlfmXAFEIoYoOMpaBTCSEMWD4rDONfwAVIQZfohv9POCAWQv5koNnRzX8AEJdqK8bws1_VcOOu4YuYVcfaoeakdrOJ1XYnEm94G5TGNObh888CPTLCuIL8mQpZPZhrR0KRjHk1RaF1s5Rpgf5zmXQguKQrwiKuarYIUOH93cgw8URu15J1b2fcPD3kEA7fv1WOFEtgtE31x5jRKmc6GgYjB9jlMWIYAR0Y2EO6STDrTEPxYiaU7JNHDsZan5aAvkeTQzSczeLo_VWQEn2T5--nuZIkrEi77gJgQdEeLJSu37x2jjuKvzaktF79D1xFr2fYu_XBsnoyDghqqAXlC6ucbme8wzx0E0WLEqLwnUCIwC_Z3M6EOfd1d7r3IVSaDNdJlmMq54GLS5SKbuz5gduUjrYDb7ZMbUiZIUjalIrbjRrW0pnoL3-va3EfzdH9bbCMM6DeZyNJX1YzN8ji7kC6hhhaSj0cErfp7y6Hmxj3rg7ev6w3KEdBMAvXGesefbtxrrkPwBPENW-jGyp4XOySlgbJDn3bTzYqc2kXLEk8JOPw-3ymf8pfqYT8Mf9gyMVupJwhxU2bTzzEQemFeZWeosJxoniLQEbvZVMvE_Q0eo5jsrTW9mU_5_-JDYKgTwvb_RV2BUmJ5kE2SNRug%26c%3Da5bbcc4d%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 0C8A9855A953BB8FEEBC617F5388212E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjCQW9ov497-2FRKu4wyM-8CLhoW_TDORj8HgQmxlToUGAcnn-MCw6cEPvPl0W005jOYylZSlRND0Ygp-dZjDREXfdlDwOwO_bjseE7juYR3mP4e1NSzCoAk9PrXLA0hz5_B2KzkYChw98nreeWSmFGzTQtfuQKaoLxQV7nkxut3PABLbJDJCCdIR3q5qvl-vGqvDyrQU_yMeItnXbMCNZLBoCMaHuPJDGYOCaMyY7QUqYHI6WNX-awmjcs5bEI8BuxrSmNPZmYL4XDGxQ1qGwUeDvfzeGZjhO1MEtVKx0si6EmojqCbaY1PHuXbaFBn_U-Kfjs7jPAu9hEr4YraQLAV8wrnWmUtHP3JSvjRtQCiWbguJrz7qwhl0FVFI82hMMD86wFScjiR8xtjgPkJ0F8S0H9qVkOe52OynESL-r_GPDPND1w9Zy5j7865cf5LobMCOygWXd1DwyN7gyCrnEPMoIX91c6x2sp68RjSRD8AjiF6_bCj_xxhHZ4kCpODw_VRp7Ym-IfH3YujzQLEeRGZrvuCC2LBn5yeU6eKWx9bp5xnk2yyGqW-aJFJAoeiQBA-_PAlJMk854hGx1MHU3Oyba9hvA8D4wptGsjQxOrWspGRg4MHQAySbwmTGB3v8gjdSHxUGQZqESXvJSxV8251Ke7rkf8e21ulIWffpAj8Yd97_PMQgTyk0nnyWRzuEdCBWmADNEYp1q50GmuLwBFPOFBSmPNCt83KgNDPNUTuqdOsqOAZm8Rqk8TxnqCQsu-KRIL9QhAxTn0c6Y4Asr1s13fGfRimjdBcqPcznH0s848tLpv0D7Rasl47nUPoQ6yIesuDnc0ElRuUtwXziy4-YLdfpwow5vrj-S7R21oo_c7Z3Bg2E9WfZEN5LswcvA3dPyiVGvH9VcV5AqBng5n5DwHzl4kFgB6T5JN-Cc5AxHJDsT162q_3CbdxPA2g5jdSx8bHOF_Ianjno8xtU15NT-s22Rrd-azpWqDyJyTuJq9xLdB_ZqXCB0tInvW4fhpqEFy0fX3YrfnrYpUPfDA6SMoca8FodjFjSsccisfmeevzc6CdAPsUF-KWLNTgUA8etI3z5QlCKBZPZA3R2qPctRf5kbwKCnNgGxygs0x8HOS3crLHnyCYTPCPlO_7nR63tgqfmVO-CUPbJNvBuMHhYVrsVs0Wt-7tJW1ZNy1wiO-19wxfk2R2IjbaOTqFce4GpOZZmEIf9TdV5ICynuZ9ib50JzWO30Hba-Apxj_14KOxqfAcfvSqYHlGmqYnCHStDszqMY5C84TrDP7-BMR7TtAmbNuHjB-w_r1rxQKI0HNUB97HaVHYpIYH0Bik72HDxMiwCYKfe8JFNgd778W4ISv31xUliALGGVqyCFQCbK2kXkmWTcz7q9MFnFqhygA%26c%3D43513145%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: F348913285D10924AAA52A083048E06C
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPbg84S7sBfcD9DNJKjTwS9CCBQAL_j0ZiLbSP0J5Z4Pp2frgtfYh7p9fAoebifuef_Vkrao_HuzgqWwt_vEkd6c7xrZurf6sIpePVoqUnBETpboH8lKWw-eaTz2J_zu5lp9YrTRJhD8yHKiCzx1r-biBD8Z99whOe3Jm3vZPtamvcS320EjhLRQWtxXPwFAcrzjh6V6jb_-F_LkSh00RXytfOzJb9zmHq3CmzB5qTf-Q_HwYfi0YJ3sC2rjJUkzph8nO_PS9yjHg6pf0XceN6pLIJEKwO7vdWEA3wCnJMSSH8foIuyYeB6Zt1agSVAlfxvRHAlyvhZLzVqemGhERJbomx_wLiYLz213_C7ehLoiwEjkZMkfm5CQY16MEvTCNWcMyN8TIv47twRVzrQpz1IKI4tq9uZV_Kj82tYh5QGnVtxR-ENUq7vfW_-A8JbVJM4oeglSr_Dtw1RHqnttcek-4tR8k3UNgtRaZU2FXZQWrBD4Aucb6WJTFNggHhtViY9lEVT3BQ6-3Yj0stPHTojtJLC6WFdvKe3qe5PGg1dorJiRdI7zJfGnWW9YbbDNB1wuenlVmTYeazLJLIjp_dRp7efmyCT8igOl9SeE0VtUvAnZSxkCU19x7-bVDJZRe_OLVs-n9soX4BEgH4flkAx2gs4sitSwKqZMLy3aXv66yqPB9fi7expbjY7eVqoXs-RnRCU4sL7pP1n-pHi4pqYznMdyZSL5PdNLbgPSLjuO1UX6hWp_OlOUfTdIoPj3LlgiTSgIy3As-amTKCyb1Ug7ewC5nbaPzDSoCpgmiuOIk3zVico4K1A5Pn0PQsz3rf1ajulsEgEJ_5SR_q6MPsXCxSLe8akKrXkjZvejOHSovtvypwiVEq91euvFXqKburTyDE6xQc1ECxzEtrGyH3iRnX6wWTZMa8QNBKJro-44Fd3r3o4zTq5LWgKM4khGBXDNmd9bWJmkk1IE-D9NQY9OCWDjaN_JFaJmCpkhKhiEYndJtujU6AAyEdUdfJ0_KD7m4W3eDpj5vq_TEo18_meAITzUgtWqFVq-kuxzNJVX3D-D-HCtSPfotkHQGQUzW_CWgjGrp-k41fzWlbJEANYEBgTOWhaKoATluTE9lcBtdBTirPx5HwT1HL9dR_LQjM4rB_ZwZ-c1CQnMY0sUWPXUznZjXKwptZqs9-rHt_Y2Sy_ajKRbqKVBsEHmjzjMfzhF_TVTzGvqWoz8oYt8OU9TaFgSAXZ39wpU6bBfOij4LF_rULgRmdKEJOrnHLnhCepCZ5V5fhlzIVS3MfM22hn1MIrrkTv5MHKw8yHT1y30xprPkWV-YI4E9-XifiCrf7FxDyUtophqN_gDvI7A9qjliCeLk7Mkn_kU1nLepyG1RBv7MsMrYedh2EHgP0ETUC0OMDdJdDTKkmeNLtxnHNXQ%26c%3D8a82fe97%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 7D9AB3CB8905EA5865951F6B5E240D9F
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPbg84S7sBfcD9DNJKjTwS9AtyClyFM0HZAMjCkZCd_vrjDuEFPSVPBqc7R0WuKTlfXiBjO6MUretnyd1vFfqjT4FBz3Mz3oKBGTnG2rBnCrP7XZwaZHNSK_xWNKDRzLCZummnRBOIfi6uqUTvNrvhKy_lom80DvjJC_EIPYl1IT5yB30fZppF4mI4YEivASWTFSncNd3-JGkkQz9jeO5s_5909mRu0sI7eeTedD_TXyYLRRAM-cRsh7dPnHoCkYfhrr6ga8jM5_aQuCeavVMm3pSHxe72y95NOKsN2a3e9CYVFwG0kiXG-PThmZmGU-qwxF2_l72cV_hMutnEGkLXOtSCwwcs4ynIe4MV0FKvQyQXO0DwoZPYTus7YfQW_b2omF4LnD6qhHty9_-KXKS_XDpljLeP_z63uifQLOU_Cvvh5wv4kTBNwGIWDmVnTgH6Fxe0Q8wmdCxEy84eEQWn4mdsvpTxHVm57AcuzJYsZyheFL62djqZ7oGoi2TQXrGFv4pEAjYkFuWrgNjCj9hkMPukhk0iE48U6E47PElLHYB-tCPvgGXPmJjqHDVq4kksGiEiB2rm1625gmuNGiZvg_sHwhzQwrGCUQGHBzjff3geB9UsN45GfnsiHJDvxVSi3kte8oeQE3thaE34lnoCHTazhnEuQ9zpLordLbAsu3MXWVJWWPc6MX9t2bobuaR-lKcibzAkopTnO6VtTQ3MxTZGuaNuOMJv2SuyWCyy6Or9xGSHaqrBS0GlJbOjwtvPN2XM1ezaIpDNp9vmDXkMW1R0PhRcGLY0W5PzvGG0VrZTbbemIVFNc21SUAAUylyzPMS_uT7X51XZ4IP2pd9-ezhYdISjIbkQiBbyVPE8-j9E624LZNK6ay2aXSUkfPlIVcD4CSmRZ-U1yXbiQmIWcCISL_09Hi9X69RL3XumIpwu_7cpYjI-aU3NrnPcYd8lk1prO-Qas2JUsGtEByMIBqA3WpNXbx6ntgDND7ZSciUc5U9mijVugj_zaoh6jJ0J67kx2TWy3UlNV7Ajv0Mm-eCcNWo0wFGNEtjUasJyI8bUp_AzMua79qx4PTEUsTvroox5j4xL5YC-_ZrQW4zQb2bp7M1NI6YYZ39YWRQWqiLDjcB6LlOwCQ9dlzh_bDNnF6T3PYMBmogA02A5E7Ch1v-ibP65koU4-x7N37cn9_zp6z6jvoF99z6W72MiP16sZ9xT98SwLYytw56qXxIDaQposDNOOrAev4yXszCH7q9yQwGj4txk25yaAof8Sk47A0_KmACd1QiCUOyAeJIYU45kurw7ECkdXRhlzjMleuQbLqN-wap1af6Hetamzc2c0Lwytqw6WfA_G1HFETV0Er-9hUcoI6GRBsnDTFuWW0u6PeYRvg-9FYMt3K6njH5yqwAaRxQpN4PrK-HmT7a1Lw%26c%3De5cd7fe9%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 8E2E59E702F6F9CE26F564A80A5CC80A
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPmHmjwOUBPmJLOEbT9H9WJhk0wnQuvuv-gQLc06TybSR_OLpjCGVWcjBt4ZjA-JoB5jXOOPEBd4N8vPL2SaGUsvBSCeLYgvrGiK1XkCGvcATn8CpptZrRWArsED5cTPIVe5YlSFW5p88z2pGaIYXW6ic9FgDiYU1PHIT4OPM1dJu7Eh9oUn1Ny4Sgj46k6jwTXbJB9uyw0u3nxJAIeoVkMziG6ySlumPv9nyPZF4z79gL-9dE9skYaLlTVDXXgWLlgYz1EjR5CgcRvdkbGLsBb_OL9JJ5DicPVTV2nE3z0mo1vmZ9zDVKaIH8PEyA7engs3qWPLKLiKm-aib12OfEolZ0ceYdwSu9cJFae1v13Um2nNpvI0yb0nxy0sHPUsv2OOcF_0ooRexq0TT_zx9F7ayGeOmHNiu0wrXH-EF3-NwlPOuPsztUeMi81AWwOGsId02ghY2xoF6wFOcmvZ1sjG1uOb0IR7S7h1Vr4Jmd2saxZmT8q4nbNM9cE_RmKJ_ITteuQsHyTTSrSuEBCVRx6W_SkM0HxuJ2s5YGNank-RMdmGmxOsk4mRw2CmjaNqK-_lCQmxVAlvjODL6D81GGwQrNlsanAflSyawz6dgdgPswPwMYSGEGQsKrmrxEqmCQKX8moLn8IaycSfF1aK0YDyG4hlH-3rkSae1zdF2BDKxHnx6lUip72n27N0uFMWOQWWHPVDvKgqBxFdNDoZnhA5c7Pwuj7eIoghI2WaiFyguFcH5G_tgbF7z_M-9ReMC_Mzp05fJymCB7ap7kwOcaX-YGgokKLW0iPMTm2Wmrg0g8ZQHin82OjfdN4_lS6XOHpe721o9_6EQxmULF9MBmjBgNdSgfNCgeaMQ8G6xZPGC4rmqZ0mNf0FrDqzLfFtxGPzRpeWHHVHRl9W7yRFjKAWBN7xSFMokssY4jvRcroMulGgb128uUVpIsTVvTN3qMIKGNlSOijRMTUFVyGVI25MpY-jUm9NFm2sM3ZVLmbaYRIHBJN512nX_cnFT0UwoRB0YeB2UzIGivQ2kQY8RnA6Ch9PXxMhGncOGRVn0zHHLa_p20H9jJ9CI_qd_Tjx3chH-JTiJK3XtVcdTb8Ao7mdJEsqQMh_YnlxpwyxHjogZJI9ryBKmHxxnSuwDMtSH8XVTyNnkCqBpKg9scZCnLOlfYoZ4Lbr7J--NVmvVE0XxogeGn2nxktAV4vQ0OCZcKkk_WWv-kc2mwognUqWKl1r2pgRDlWnDIIg7TTcNQtTcIj3UGODtzFFnOBh8gGM34lvJjrKt1DAwiRFc53xOLa076sW2XwJyW_AltVlLHbAWb4ZH9N9pD_6pHljax_KyLs3V72IuKMTM1OQV9UJxufDk1pc7hSV1_TU2pw3ygWohGfLiXMyeg-AJkW8xZwn00ZzQGUqlu8OQsynDrSiyvLHaaLnLnRavqv8gY_LweHi5je3QC4_R2Qc81NajRLR6lUC_nPKhk3wDx1bF95czT72tMJu7eQ583pL_1viWtthc%26c%3D2a6b154a%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: FAF6A5A5436D4F4549B58E93EF20F6E1
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIKmt_i6WIz32h833JdMWqispUzXX-wObvG0T1adf1vHOYNlt40-UPLq-l-4EMTCxyfC7ekJbWyx4T5JkbQwtzY5fVSHLjFUNzcCTP3MOyUsktg6cbwPKj7sdu5cgl7TUOiL9UsytJEfzlif0eTIXzIuTeyoZJ42gAZq5KczKCP0ez_wNUmeje6G6aVa4_G9ZIjUcFFcNj6Kbh08Vt-u10zwm7ped8pZxvUDZAwubnPUAtJx6F_up2zfnJbULnVrpViVaJZvIPdGYeNP-XyvOw-Xidkw2tRnZjlZr2volqR46e4AMS3yqwA8AZlOxaKcY7kCOkCyIkv3yLxtBPBmsCvRdpzfo6f5Sg9-pcZtt3UP_gltbpfWR5qWh7-qgAtJh58PZQXhP8T1q7GVwOrDd-ee3o03Kk1qWNJYcTRVcT27FX3doV9RwKnF46O1oIvQ6CBqnXUuUF2prdIIx7c6-DT0kUNZA7ym76vaQubiwZjsUBT1ZpAGnH4RBPD8PgH4jOz52VhuJlrYmWw9e6pHn3wQsFwLgpaItAWO0TObhL-RfwU7eNgeZyAjVVD0Rq3FQsbUCUKDhrneaVrmgJh0n_sRiAot-gF72ipaGr35o-SeGVYz2lmB5efKv1hFnGQuWrmx7JGNyWlB9_FUnsTQdYAqOPQZl4LEZKVIcDG3SDF-95xaPPHISgMG_NOjjlApWCFRkqtTeZPMhb_vWLmAEz2sZW-P6zdIei85Fq_LJnyPFt84A6KhlK1QRdooWc5-HzJaWCwDs82fqducopOeehu7ZKFraoHljo3AEVh3yfOulOAU6xhLgAypFCsm2KdP3C853tu8kyWSfmO22CXqzaPnzB_tvmZtc29Ccgya5n68rkmde_z9YAsZ77RpwxJSQOMKxNmOdfv8qAlQeo6l1AvTe2ZZUwXiivnNRHfC5EHtyJJK5m_hQpfurM2I1aXxwHvmxE7j0ZdQ00OK-poaMlRgN7OeOL48CN8uqDW7T_dNfEitELyaZ_p6bM96uNYxgSjuzBDEuFZDJLi46c8JUu7PrEvpXptV5wH8hv_j7AEa3Hy6vtwUHHZLmoxGFDrdRLPu7lYyVUoN9oUXitSzq3TeBJQM5WCbcCL1NNlA7JVBFNuE3Afo525CLkZrT710FiduMHboqIt22olQUOXS9oagM3uLLuGOMOdw1zYer5SkRitdNUkl2tKsFXwHIqiyZOx0qqjgO4PvUJIsurDskAucEK4N66isn5V9K6rvoSqAkTBjhzAu10oTHJIU7OD7c_jlE8XUfkV37c2mQRbM4b5-gdZmxzw3h08HPldQwlzp_2NNE1sOMmH0ZXzRw5I49wwRx91EU1KPdbC76i3nll4N7OKgBIXG4T9vtKRLVmeDuArYRnc4zN8nh6B8p8JO4wYTSTzNX0szPm1y1q273D_A%26c%3D29f925bb%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 6CC9C54B85E4939F5E60DF92BC0952EF
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uL3JUzvU2mECQlt1l_563ZLBZCC6Kq5EhGle2I7frcmIBtMioTDUwi55BbpSfxWSLI0yzLmuPlNQOUPtYxDDRI3Qm8fJyFEUa_0Zaz9-wUzq-WVfcRhMgS9AXck00pzhRWv_pMr13WFOisWcaE2ooCCSNkVfnFRVyfYzAchtYhpj0PbgbyCe7wNKY-Ow92V4FKxkA12RriYQBp78ux0qDlJ8kUlK5GDSNJZzfOuPDHOZl0juFNXUjc5ahaT0mOkMdvs8PWtvdkr0U7utbWhZUFc-ZPQZjF7isBhy_4tZ6wy-AhwAR3joK-Wtu7yqn2R8Kv2FD8kLcuvXEiucNHXBCNCZD4nUcqTD6Gy70IoVb6Y5Cifp2pKvicGLV80u1h2-m4C6zALlgt7H5SnKx4y4YMi_BoO7f_z_h_gYzDbsfvdP5l5V3_QMdT5xif_bbhoyxfRcLB74fgh5xFxRAEPadVWmgK3RwBMRZY2alWZd8pobYV-z6UajcuKP3Ae-D2_O157s7UVmOJZQ0krNNpY8zYMk5TPir7g42ykKDsx1Hd2_hj4I6f1DumOKR4md7gC6aX4FZIY16y0FPMfbuEj_Dozeks-g8zhstBafyHw-R6AMJKap09II_an5z7ZYyvyNsK9rY6nEpWJz-D7Uy9vN9ABFWHRdhwI7b4YPRw22MvCkW585HX9OihxehiLAcGA0Jh4AP1clJa1_i9WUuoDOd6QG-TiArE4wiDXJT1lh7DN6VZc3xVrW5PGrPLSzrEbHQn7_7u2XlV1x2CeIwTUtyvKyY416SXQMVxVZBk7IZK9eTudIgnbwfPpWmwpxdGFC9kLHNpIo3Y6tg_bxIuST_O3-XYe_CgmeHQuK-VDhWshBYXwtmaIssShUgRjKCMnwEMkKHkovNtJuGuAnyzKYb8DvJwElt54qz_29ivcK1RmnSUHv0OKoNHp9ALDpoFIrPbd71O9jH2n4F74WsoGQT_UzxHlPF3kWrAzT_DmU3uT_bbXDvHFgkZs_Oh4klFJ9AsLuGIyVixhC3ckupSGhwz0FqIHPpwr6M_pyQLdC49CESeG6zkAeFNa5865yOq3nQTc72zBMNASZcLZHNQaQeKT22AQYotav4_krSShe7mU8o90Zb0X7WWtSp3hcAfUveu8YU7qCigXTHDJQtY3wnI9cpXPJC5GXj0C-QZQm_NnryX7OHkKcw-WhA4fQxc9QZybAlkQFEek0ZAvuWWbh8vm0uWRlkkcpGTJP3kab98HR6oab_UOSGF0tBB36GLAECcrQV_OA8P2PIwyKgtyzFjIMpWZyqNaAMUQNbkFQ2UV4ROfvGtcbNCqnHGWxBHXstdXCgRwF0zum7GTl5RaFPV8Hm1PY_2Z4MvRqOTjntyC8XPJT0D3B1dJn_XSTzXrMQw%26c%3D75535e14%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 256D808AF6CB7566E6EFA8DCF139F217
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uDjf0pIdj9Dd0qsls9UnlOiEIaiMYoS-BVWWm8opLIjV6GhAdxdZ0Q46Ew49diNjQImIHeOVMex5myaxdmJa19UqfczdUNOIHsclYSG9WNIYOq1QWrt0kV-T_iHfBCT-Y7rIpYog5UX1AyrM9QFCTVC7XspxUc69k21BggkZknQ3GOMB6Mk5M3Md__RtTgnc2HAB36jmfVMU0Z63ZCDLhNAU-bXcEECNG_SyP6vDf0D61hsIhcf_iotSxq2jFzBto5D0PYobldOX8hu6ylQh8CKDIoJCMWLdYC392MNmcT-T4tgHKqegwQG8M69CXAT5uCsuOUChKPkZm52WZnebFae4fK0Y8JXUmOhf1q5STDpE6XeZMTEq2au-WkfMsi74f5mOLAQhnn0LJzZq7cakJiPMbfwi6_MnmSlg-hEQUAYIiaz73BLvMeZVVnr1OX8RUWOsFSgUAArPGnu1ZKd2QdekkJZQYT_6qGhOqproJLx_DkG_DcD4SVFBCPXXrnICPPzAaDIYFltj1ji5s_5-ljSqAC65TmmGXS3kUllj2mYIijJG1klhA_95FMPa5v3q_Wcv1jJdF3AI0LhCe6d1bM11p1eEVIr8jp0IcGcpDmy3qWpT_FikdXfXPI9qNneKglAQx58FvtKt22cY-9a307EGWbTjmCORch_iszm2eqUf-oAwCI4DFXJRqzQ2aj70sfSrPTFOAVmTm3Mx8Lv-A-JWH3NDgeeRExBpV3eZI6KB3brrM_J4ULYgtpw20-BDN5eKESQuWAm_MbCtXPMATKRxPEcraIzB0sT6PNv71uxhRPlglakUY9w2qRFEJ-4LkwRuebRBVz3QVmb2baUuZ_TVDWI4H_G4flZeTYgiDdllnOmI6Du3NVSMmziqF4NYRP8dHNoKorFFQJQsOX8TMVPYAkRwQ7w6eRkW8RNkGTuemWUO623PLWdq8oCP59hSAUTrVqHYg2Vh2rlBecUe7PSeySCn4U81Hu9Xi-Mkkmx-HdIbZ_CgT28oauiz7FaOZZR3LDpK7jnN4UW3h-Ghyod1lln6FOSvUtsLiHDIf91wmILaV8OW18zJkuqrnyw1-u5EVY76dbkQ8rLic-K430XqiKEXRLEs1jjToVwGIzdfTEiD1oYDxO3K8M3vR5konsjoc5egQw_x9087KwLYdOgpMOOJqbdzhpxbt8MXB2ewNObe7ZhkJ6tKE2WO2lRxA46-jUHGFOZYYnt4SabZPxAez_HanJDeAQB-FLCcZG22sReki24iGcBx8WxjB6RFy2uAlCH_zyru7iwvMXhcR5LC3GWezFeXL_JSuetZZjUPbzIoUURg_duRLGMOBVv73rbP7ndZ0HRO1x7z2LyPxdupJeHPLD4TvjCjZPlLfWzoY_5RIn1gC_OJb7E7wTzV_A%26c%3Dfc955886%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: EA4139617AB3F0274037CBD73B209BEE
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uE2tR4K4lijU3jOjVh79fUks1j5LZgr5cI62Ym4rqlDgqwmSiuM_tK3D8TqbYwHUiRjwblxhPf5m2JfsHHcrpeO61cqqJcHesFS3cdMZeZiYwXUYoWLu-d02xxyV3zQYvS2fLr6JN7LMFkqyZ9ZtkeFAmdoVCnmqd9UlaeRUPW970zq3_5sRSNkg9xCr1rL8SICbeYhTqUdqQnl0GqWhtB9QLc6L_J8OBPNgca1ERT0SRx3VB4TUMqO_tEF5c8h6_wV8cJLYzvNtfQ9GNGYbheZqwDzCMapl-c3Z57F1OYsEjApxT2_blxizDGdFx4a1vyu9MpEP80OKtX-jxuQ0FDoeWkTiHTVux_OMo9wl6LSvHChvC0UYp9H0ZnQ9q8R0j-CCeD-xd6NEi34zgLub7jBYKPVAw4mXRBaQP4Rb6Tyuh5zW8PXD3kmb6cPUQaiTbqQXWqsxGO347-fg7Jf0GfULhV5AHuiidWVJSGbkXTqg2U8diRyKit9nG_v2LgKeZsloz1AhZuXRdxfqvAq8R7XMck1_I2S1NLCaPnuRA4hDEg_j5TAR_0mBKX7P3lvpxuvwlDdfryqz0gr5iqleSZyBLVKYTCP4PNsInZG0pCTRh-KXaGvIYIp5kNIOF6RhMWa65oFH2SnDqOBYnCxZ6A1nlPmBZ5g_jI9rihluRkgv55jOnrV6dMJJLpjTqWeLAIAod2eyWymu-mFE8vdt5xrZBkWZ6kVCxt4a6fDnZN_QX7pVJrHShkKaVj-InRUX-O5R1QUl0CNq0E3ONbRoqcv2uQDTfxZvUMxfIiE5Pqq4o-pktZB0ZHR7JujaJogwkDU5Mdcqg-op5p7suJ5Wz4dRWsiYFgtxKUaeef5fJnc1nD4zu63pm7Ww2Gu1WBvb9cXGhp7TAu4TsUpj9AvKy54FqMqrZzMNZtehJgfdSb5DOzDQPdg4jJsZ0u0S9S0kp9p4bih7kAX7e5eGaeYz5QdwG49_CejvL9d4kpHBg2Kc3WiSnIWcCdnOTKPE-ufe-D__SE9YuJ5NOlniAlK86RC_2-o5oyG_kYiOdUyw-riAii_coAcdecfQ3eS4gxFqUU2g6j5HQ8tJb5LnvRe2rOqOL0pruSmr5CCK32R3wp80wX_J6OiHXXTGcIIP5VumtGXIpRLY0iiU8VP_TWH_hYGp5TPYL-zV0qI3ob1I1JY3kuW4NzcYXitb2R696alGlXoxGVJhmeaFPo1Lpam4U5PLvM1vbUtbpMjIlxmYmPTqTWu6X-h6yf6wabeCyFonRjwT-x0BzAk1dfqGAeq3unwTBJfnjqblTd3Tev5gMeMsui9Flb1rahaJ040WV-IJA4BoIX61PcXgx3WiuhJFYi9op_snNaZ_p5LgWgM1eroC1NqgR7Drrw-qb3JDMtZdVQ%26c%3D2d41f3af%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 951A55BA00B0106E282DC3A38F020B26
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uMTBMEx-eauC8cC0ymEwLs5_MuDlhM4wVyFsxFj1RJjHGbgdu4zRZkuWCI5xIPdJMNhyn4Cv5ftVHaIQ15XukVLX1hnesS5PgXEdAX3En2ZMm4Va2008BF7IyJKUDz_szLU0txVyWLnKLvCOx_TCAmVPiznSC1nyUdE57Hc79YybRix9V1VnsVyPFy2k6GY4VCAQNQh4A1lPnV2q5RNWv6fHPbYR1Yl5Vu7EP-k7TgdiEINk0-Zq_tYJVpEVzdKUMUpuzMFRZIE-MHvgXlqFJIsDoo-6Z_6EARUVMnuHvhViR5FKgh9_GFyW5KsX_QOWXId902yrnhVZ0f7YGnu3gswJ_20emq8oBYEXlxhseNEMs3f84MR7YorvPooalyt_1T7oP2KLrkTpArqdKQR7dCO4nPH8YArmk8tnu4zTDJsvFCz5uq7e_hSnE4E6uR-uF9Nv28U1ogF6o0DAEH7IsQerK8kZ7fZGTbN8PbYj_0uHaRbK_-Y8w-aeeLPOSGVXfRumw4mhTYbzTN9sEJFIITZ7sJvsHU9P4K89AY5YQWR4fJMTGIkvuQ-UzAwRcz1b6f9n26qdxdsNx0IqOKXkFo7bNR6v9CCM_asjgBAdK8W65e0F_dI-YdyTPgUfd6Q2sXhPjzzCWg7KW8DqeVrL3vw9Lf-Z4WOaGXd1MZrCmFuDMcCvfB7q_VE61cWN1v5iuywAnoibbnIejM005kFXmnQR8cSPpwg_nAmVFZonrHJooZvyCTnEVHtjjMS5kFNuNvTSS37cg7Vwu2oltaVQ-NSF2l0DyMxOcYLXdAmJqCv1LorE91ch9CFwUaIGhlSZ1g_quIs7M_kb4F5WTQeriYKfoJv3WqRA6tl_IwcW4UX-vpvXz1T0rSEqCSYgC94zW2VLNVJW65AZnjiUD76hjx5C0kn_bK_O8Ts3CYM2cWGyJl20R4XGOAa0jk3CjmrPe7e5UCe1KQQc6LyYEGjHqtyJdfVOAOx-ssRRvsq26sgG584wyYzjnATXiSvwbEnrymkNfttumPlsNguHxd8J6Ai80PHNxmuAVk-b3_Oyn9Hv878rTP1TYSrK-2MiUuWvRmBPHd6emU5D_htcrcvjXWRzmJOKaDdL7ikG1qI4bhdiQwrNRKL7sskVpkXekTZ_vj49U213wHPoahi1gWD7s8tnTUGHJ37OeQJOfjzPhJxG1_0rG-niH2oKg8SiVpWOUmPG99SFL0faO62GBhAk-JCfTvrjAc6T6mnbK6UZmkdhr_tZ55l-C31RWnlPTNE9_yqbqYaj2fVel2LBrBaO-65jQMn0iYwrkHuZplDCViR2-h3OZKRzGjFTa8XVKMx_qxU-91E-HzBo1esJQV53yEFPJXbhEia3I8aDQkz0zo683vxqmgZgC-5Wlkh1qmVNqQ%26c%3Df6ba01%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Frame ID: 8DCC51161B7D077F4D1C512FB45BAC4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AAD589409EC25EDDD37F4D7B24F6EA44
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B26CD938662887F5384B4E8B006003D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Woman who scanned QR code with malware lost $20k to bubble tea survey scam while she was sleeping | The Straits Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • drupal\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

464
Requests

98 %
HTTPS

50 %
IPv6

49
Domains

92
Subdomains

79
IPs

9
Countries

4340 kB
Transfer

11840 kB
Size

61
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 163
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=straitstimes.com&sn=ChromeSyncframe&so=0&topUrl=www.straitstimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=tlAOkHxpZ2JKd2NPRkUxbDZSUmFHRWNwd2FoUERRZVJjdnlUSlUwR0xFa2lDK2VTNFpvOWJvRmlGMXlzeG1jRWxselVEWlM0UGNTZTE2bmJYbW9TbGxUbTVhRzlzVlhvTHl0cTdyYUR2SlFhMUcxTnMwbUJGMWZBWGJkRlZUUmFqRDA1YVhNS0JQeEp6bFhGMyt3ZWhZbE5lV0l0cXgraWxSWEwzeEhGckMxUHVpV1pSSW5ZaGR5Tk5iYjR2K1UzcS9ITzlvRUFpQUdYWlFRcFVkamZpVmNtM1VJWUNpR2o4Z0FGdW1YRkFPN3JOWjJTWW8zbHlxM0VndHE2VDQzcm9uSGRaWis4V2Q4WGZ3S0U1dU8vcDRuRWlzdz09fA&cppv=2
Request Chain 164
  • https://www.straitstimes.com/p/login.php HTTP 302
  • https://idp.mysph.sph.com.sg/app/sph_stwebsite_1/exk3u9w9qw54XJxYH4x7/sso/saml?SAMLRequest=fVLRbuMgEPwVi3cbbCfnGiWR0kan5tRroyY9tX2JMOAGnQ2Exefk70ucu1770D4gxLAzszvaCbC2sXTe%2BZ2%2Bl%2FtOgo8ObaOBDh9T1DlNDQMFVLNWAvWcruc%2Fb2iWEGqd8YabBr2jfM1gANJ5ZTSKlosp2qY1y1hJZFoRRupvWSVFXV0UgtSjLCWcC37Bi6JmtUDRL%2BkgMKcoCAU6QCeXGjzTPkAky2MyjtNyQ3I6ymmWPaNoEaZRmvmBtfPeAsVYCZu0R7C75HS4aRN4wcxaHJ5b8L2sQHm5TbE8%2FM67si%2F3%2FXj0%2BOPwdD06FBjA4NOYKJr%2FG%2BXKaOha6dbS%2FVFcPtzf%2FDfr%2Bz4B75jyoZMQxskP70lVNPr4NMatEV0jE7uzg2hoYbizmHEY0GN5m4u7Kq1QtPob9qXSQumXr3OuzkVArzebVby6W2%2FQbHKSpkNubvYmPMHv4cl5HW6D4HKxMo3ix%2Bi7cS3zn%2FulSTogSsT1UEo7DVZyVSspEJ6dHT7u2OwV&RelayState=https%3A%2F%2Fwww.straitstimes.com%2Fp%2Flogin.php HTTP 302
  • https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Request Chain 181
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4509449%26time%3D1684467802503%26url%3Dhttps%253A%252F%252Fwww.straitstimes.com%252Fsingapore%252Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJFS883moryHAAAAYgyGuMc4ezEhxgmjzuplW0wGkQGgWD8SRLvtNTReagygyl7hUPhAMkS
Request Chain 323
  • https://www.straitstimes.com/sites/default/files/st-logo-blue.png?v=1 HTTP 301
  • https://static1.straitstimes.com.sg/s3fs-public/st-logo-blue.png?v=1
Request Chain 430
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EE277E41FB864F64A125745FD8C531DD&RedC=c.clarity.ms&MXFR=346E035C9C2A6E8626A2104A982A6052 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE277E41FB864F64A125745FD8C531DD&MUID=1AF02F0E251163E9138A3C18247A620B
Request Chain 432
  • https://tagweb.straitstimes.com/j/collect?v=1&_v=j100&a=1629550037&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&ul=en-us&de=UTF-8&dt=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=userEvent&ea=ClientID&_u=aHDAAEADQAAAAGADII~&jid=544220171&gjid=1428734739&cid=1849208897.1684467802&tid=UA-11908285-1&_gid=1705824386.1684467802&_r=1&gtm=45He35h0n81W22QHZ9&cd90=48c5b0bb-1ee3-4b69-90a0-a0acad390169&cd92=85978%2C89936%2C92581%2C92959%2C95288%2C96024%2C105102%2C109776&cd95=a4ac49ff02dd406cabff56062ba5d9ea&cd6=1849208897.1684467802&z=1648711006 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_gid=1705824386.1684467802&gjid=1428734739&_v=j100&z=1648711006 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_v=j100&z=1648711006 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_v=j100&z=1648711006&slf_rd=1&random=826684914
Request Chain 433
  • https://sb.scorecardresearch.com/c2/6288331/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

464 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
www.straitstimes.com/singapore/ 		178 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C79C) /
Resource Hash
b4a44daa29915816c58afb132a1ffdf5f3cc6c6b74122cd1696d7f3000076376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
53
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-language
en
content-length
50737
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 03:43:20 GMT
etag
W/"1684467747"
expires
Fri, 19 May 2023 03:43:19 GMT
last-modified
Fri, 19 May 2023 03:42:27 GMT
p3p
CP=HONK
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
ECD (sgb/C79C)
strict-transport-security
max-age=31536000; includeSubDomains max-age=15768000
vary
Accept-Encoding
x-auth-group-type
y-anoy
x-cache
HIT
x-content-type-options
nosniff
x-download-options
noopen
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
x-ua-compatible
IE=edge
x-vmg-version
v10.5.33
x-xss-protection
1; mode=block
ads_checker.js
adtag.sphdigital.com/tag/ads/ 		21 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adtag.sphdigital.com/tag/ads/ads_checker.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sat, 20 May 2023 03:43:20 GMT
date
Fri, 19 May 2023 03:43:20 GMT
last-modified
Mon, 12 Dec 2022 09:58:26 GMT
server
ECD (frb/670F)
age
70970
x-amz-request-id
18XH31C69GESWAM0
etag
"8a68886c66c8ca4dccac563705f5891c"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
21
x-amz-id-2
M/c5+LpamELujyMXw1GnYgPQudF840lWrTfRJnVxuXwQeAjiZgRt+IZoVh0aA/Sa5Vk8lFA1O1w=
ec-rule-version
v1.27, v1.27
x-amz-meta-mtime
1620635037.558856
betterads_head.js
www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/js/betterads_head.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
26648cb12fd4409cda6ceaf6d58450b4b2688bd4c102020fbc3df2ac6107a113
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1198
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
"d36-5ef483a0a7180+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
suid.min.js
dsuwzj1tch87b.cloudfront.net/suid/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsuwzj1tch87b.cloudfront.net/suid/suid.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9600:1:d14c:f1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06ae5cc5fb744927cc4bd0b2907cd069d4f1c90fef770f4aac917932d2ccc75a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
FCLVynIG4OhQeMcvOuzNTeSbd7Gkov1N
date
Thu, 18 May 2023 12:24:17 GMT
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified
Mon, 20 Feb 2023 08:37:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
55144
x-amz-server-side-encryption
AES256
etag
"4953c2831a3a7bfec38ed35a64df227a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1286
x-amz-cf-id
X18ey26avvrrMi8fH1yIMNq7ZJYRh0S7dtuN_0obhQp8XUsaXXESPg==
permutive_script_sphl.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/permutive_script_sphl.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
9446f1f8e996d3cf056d2cf65abda52344948c0210dd85d25f6e3d10d7f4a98f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
9904474
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1883
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 Jan 2023 12:28:46 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
"19b1-5f285bba0c100+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
5f876161-9740-4cc8-9b64-4585990b2690-web.js
5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app/ 		376 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app/5f876161-9740-4cc8-9b64-4585990b2690-web.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2214d60517cfeb885303081e243b0978c320aee263f034fca492af7dcbdacad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
5f876161-9740-4cc8-9b64-4585990b2690
age
0
x-guploader-uploadid
ADPycdt0puOzO7accxUMLXVnxEx0CoSRXwkbyZgsSbv8XtPe_jiIpg0mpweanVgcygl_ZnxH0xzHp1Q8sduV_0fv1_dr2g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 18 May 2023 08:17:26 GMT
server
cloudflare
etag
W/"66fac3c245b9baf48c5d0fd406a49af0"
vary
Accept-Encoding
x-goog-generation
1684397846981900
content-type
application/javascript
x-goog-hash
crc32c=AgnH5Q==, md5=ZvrDwkW5uvSMXQ/UBqSa8A==
cache-control
public, max-age=900
x-goog-stored-content-length
115966
timing-allow-origin
*
cf-ray
7c9955ca8de8912b-FRA
expires
Fri, 19 May 2023 03:58:20 GMT
prebid.js
adtag.sphdigital.com/tag/smx/ 		298 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtag.sphdigital.com/tag/smx/prebid.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
9dae68837251c1692ade6e57bd146378d3158aabd92706c8e3522b09a6b2b84a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
last-modified
Wed, 08 Mar 2023 07:38:53 GMT
server
ECD (frb/675F)
age
74921
x-amz-request-id
CA3CZF1TH3A5BEQB
etag
"5de01dc560f5b2d4abfadfdcdbfb5c64+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=86400
content-length
97792
x-amz-id-2
VI8lwMEN63a2L/SPHJsYs4hL25uu7hgKOtGC6+iPZPHa+Mm9tbu4yO3+3brFIRScuBIBUPfeo58=
ec-rule-version
v1.27, v1.27
expires
Sat, 20 May 2023 03:43:20 GMT
smx_prebid.js
adtag.sphdigital.com/tag/smx/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtag.sphdigital.com/tag/smx/smx_prebid.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
66fce1b637ab64b90f5f6c6f41685a3b527ddc9b4a3c02c479cebc6f9afa9ba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
age
67305
x-amz-request-id
W5M3DBWTS8DNQKKK
x-cache
HIT
content-length
11716
x-amz-id-2
O9DPYNCavCw2o11frVuxauAjdfmEbMr8mwha0bOnKpRmWLR+wcO6bn+9LSNxgnVy+cISvFtJbT0=
ec-rule-version
v1.27, v1.27
last-modified
Wed, 17 May 2023 08:56:00 GMT
server
ECD (frb/670F)
etag
"6acc23cb32508bd1cd6e2ef421524773+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 19 May 2023 03:53:20 GMT
betterads.js
www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/js/ 		572 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/js/betterads.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
2805fd496c26669f5b66da8300bf980da921a577f84af927b8cba0a2c1c8997e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
11561579
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
304
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Jan 2023 08:10:21 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
"23c-5f17f973c3800+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
ajax-progress.module.css
www.straitstimes.com/core/modules/system/css/components/ 		1 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/ajax-progress.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
c44cd741ad10eaabdf8c70d26491a96d2d6d03be027e92be4b574bea1d4f6bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
498
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
W/"403-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
align.module.css
www.straitstimes.com/core/modules/system/css/components/ 		484 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/align.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
224
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
W/"1e4-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
autocomplete-loading.module.css
www.straitstimes.com/core/modules/system/css/components/ 		603 B
384 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/autocomplete-loading.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6737) /
Resource Hash
376c5f84633bc49a8a825b7de7b5f182e26f7db1b01ed01ce89a09600287765b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
16077766
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
251
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Nov 2022 01:40:34 GMT
server
ECD (frb/6737)
x-vmg-version
v10.5.33
etag
W/"25b-5ecf13b04d840"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
fieldgroup.module.css
www.straitstimes.com/core/modules/system/css/components/ 		95 B
233 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/fieldgroup.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
15597623
x-auth-group-type
y-sub
x-cache
HIT
p3p
CP=HONK
content-length
95
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Nov 2022 15:02:57 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"5f-5ed7dc583d700"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
container-inline.module.css
www.straitstimes.com/core/modules/system/css/components/ 		275 B
279 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/container-inline.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
835b971b0367d87a44e8d6c919b9cc8d858887b9327e8573fd4852941876a37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
169
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
W/"113-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
clearfix.module.css
www.straitstimes.com/core/modules/system/css/components/ 		306 B
331 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/clearfix.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
222
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
W/"132-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
details.module.css
www.straitstimes.com/core/modules/system/css/components/ 		127 B
241 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/details.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
16336959
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
122
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Nov 2022 01:40:41 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
W/"7f-5ecf13b04d840"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
hidden.module.css
www.straitstimes.com/core/modules/system/css/components/ 		1 KB
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/hidden.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
663
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
W/"54f-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
item-list.module.css
www.straitstimes.com/core/modules/system/css/components/ 		285 B
278 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/item-list.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
15594038
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
157
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Nov 2022 16:02:42 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"11d-5ed7dc583d700"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
js.module.css
www.straitstimes.com/core/modules/system/css/components/ 		402 B
330 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/js.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
35e82b6352906420583967f5c454ad18591a2706e635364ec162dc8e3d06eae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
233
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
W/"192-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
nowrap.module.css
www.straitstimes.com/core/modules/system/css/components/ 		96 B
223 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/nowrap.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13006554
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
104
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Dec 2022 14:47:26 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
W/"60-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
position-container.module.css
www.straitstimes.com/core/modules/system/css/components/ 		95 B
226 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/position-container.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
15597628
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
94
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Nov 2022 15:02:52 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
W/"5f-5ed7dc583d700"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
progress.module.css
www.straitstimes.com/core/modules/system/css/components/ 		825 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/progress.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
a5803ddaa8803d2ebad80b4242dea531e65882423af375267e474ffb8048ca60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
15597623
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
368
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Nov 2022 15:02:57 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"339-5ed7dc583d700"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
reset-appearance.module.css
www.straitstimes.com/core/modules/system/css/components/ 		274 B
313 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/reset-appearance.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
15991364
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
193
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Nov 2022 01:40:36 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
W/"112-5ecf13b04d840"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
resize.module.css
www.straitstimes.com/core/modules/system/css/components/ 		270 B
267 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/resize.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
157
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
W/"10e-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
sticky-header.module.css
www.straitstimes.com/core/modules/system/css/components/ 		163 B
241 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/sticky-header.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
144
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"a3-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
system-status-counter.css
www.straitstimes.com/core/modules/system/css/components/ 		761 B
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/system-status-counter.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
4a7faa6dfcd1854a535efc4d1c1969ef3478f9a0e67bf974a5a78ef7e8ba7b9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
16423358
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
316
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Nov 2022 01:40:42 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
W/"2f9-5ecf13b04d840"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
system-status-report-counters.css
www.straitstimes.com/core/modules/system/css/components/ 		557 B
417 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/system-status-report-counters.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6689) /
Resource Hash
da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
307
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/6689)
x-vmg-version
v10.5.33
etag
W/"22d-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
system-status-report-general-info.css
www.straitstimes.com/core/modules/system/css/components/ 		255 B
270 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/system-status-report-general-info.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
173
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
W/"ff-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
tabledrag.module.css
www.straitstimes.com/core/modules/system/css/components/ 		2 KB
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/tabledrag.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6737) /
Resource Hash
9ce0a8ccf71a4162136c54067533bacba710fc49a1fa028b61f5c686f1f510de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
16336959
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
664
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Nov 2022 01:40:41 GMT
server
ECD (frb/6737)
x-vmg-version
v10.5.33
etag
W/"728-5ecf13b04d840"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
tablesort.module.css
www.straitstimes.com/core/modules/system/css/components/ 		365 B
305 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/tablesort.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
2298e6d2bafbe82af2f8c1a4f963d9df7f04ecd5092a08bb06011f01ea9655c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
15597623
x-auth-group-type
y-sub
x-cache
HIT
p3p
CP=HONK
content-length
208
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Nov 2022 15:02:57 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
W/"16d-5ed7dc583d700"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
tree-child.module.css
www.straitstimes.com/core/modules/system/css/components/ 		466 B
317 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/system/css/components/tree-child.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
3df1425dd2f62d5691f438779fe77fb918f267fa1c0f514de90a910a8b421031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
221
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"1d2-5ef483c7c0dc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
paywall.css
www.straitstimes.com/modules/custom/st_article/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_article/css/paywall.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
d7c35dcef07dfdec07ccb9a9b4cff18efe0ce7b291fb30fcbd757f11400fbfab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
15213766
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
2225
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Nov 2022 01:40:34 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
W/"2a83-5ee1eaee18c80"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
views.module.css
www.straitstimes.com/core/modules/views/css/ 		434 B
318 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/views/css/views.module.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
34169af71b02b45feb08dbe27772638c0b3bed26fe26d9f015b019be64e4389b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
221
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
W/"1b2-5ef483ce6dd80"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
sph-dfp-betterads.css
www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/css/ 		211 B
257 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/css/sph-dfp-betterads.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
1443707e33c159f844861007792e296ae54e32cf3281a1ef42eadfad510cb8bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
161
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"d3-5ef483a0a7180"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
st_rewards.css
www.straitstimes.com/modules/custom/st_rewards/css/ 		42 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_rewards/css/st_rewards.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
10b42a40f4bbaae2cf0cbe59014d93e28be7d44eb09dff0d7e293f80d1f57fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
27285933
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
6464
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Jul 2022 08:17:47 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"a66d-5e3313608c3c0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
st_rewards_lb.css
www.straitstimes.com/modules/custom/st_rewards/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_rewards/css/st_rewards_lb.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
8575c35a14a220fa6aa1b955dfaa718873565fbdea1a11b1d83a3498e9651151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175382
x-auth-group-type
y-reg
x-cache
HIT
p3p
CP=HONK
content-length
1105
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:38 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
W/"ffb-5ef4835ed9640"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
onecol.css
www.straitstimes.com/core/modules/layout_discovery/layouts/onecol/ 		116 B
209 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/layout_discovery/layouts/onecol/onecol.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
d73a0b31e08ed90e9746b1723ca266064b7f4f113370842bc347a893e217abf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
13175382
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
113
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:38 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
W/"74-5ef483c01fbc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
paragraphs.unpublished.css
www.straitstimes.com/modules/contrib/paragraphs/css/ 		57 B
196 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/contrib/paragraphs/css/paragraphs.unpublished.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
f1eea94c1d7f9c6747515e1d7af60618498e8197905f290bc3851da41fbd5588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
16336954
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
77
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Nov 2022 01:40:46 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
W/"39-5ecf138b1c080"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
sph-mysph.css
www.straitstimes.com/modules/common/sph_subscriber_login/css/ 		1 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/common/sph_subscriber_login/css/sph-mysph.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
867bc5f109b3fae719e45ff52884dafcc4219764fe4cebeab82ab858b654a188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
501
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
W/"53f-5ef483b1d1a00"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
style.css
www.straitstimes.com/themes/custom/straitstimes/css/ 		627 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
f2d1c56ea05a603338af2ac4c0038bfdf14e1ed57024ad86c48c1868b4dfb9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
1990550
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
105327
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Apr 2023 02:47:16 GMT
server
ECD (frb/67BF)
x-vmg-version
v10.5.33
etag
"9cbe8-5fa10563fdd40"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
jquery.smartbanner.css
www.straitstimes.com/themes/custom/straitstimes/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/css/jquery.smartbanner.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
a127d44fb93dbc60e25e65c04d7416949c0e1a5254e19aa5630bf8d3e698cb9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
18989676
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1340
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 Oct 2022 08:48:44 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
W/"1158-5eabd7956bf40"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
messages-light.css
www.straitstimes.com/themes/contrib/bootstrap_barrio/css/colors/messages/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/contrib/bootstrap_barrio/css/colors/messages/messages-light.css?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
86dbfc31fa1e1a75ce7d6595f33f53b7eb7f917084061fc2bf87bcb6fc20439b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1071
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
W/"b88-5ef483aef5340"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
jquery.min.js
www.straitstimes.com/core/assets/vendor/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/assets/vendor/jquery/jquery.min.js?v=3.6.0
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6737) /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
30950
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/6737)
x-vmg-version
v10.5.33
etag
"15d84-5ef4839aee400+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
element.matches.js
www.straitstimes.com/core/misc/polyfills/ 		285 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/polyfills/element.matches.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
ddb9c86b7030bea52fb8beafcc9efc078c1a8384b00034b39b2519a943215932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
5912471
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
208
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 17:22:09 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
"11d-5f6725fb5ae00+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
object.assign.js
www.straitstimes.com/core/misc/polyfills/ 		922 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/polyfills/object.assign.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6689) /
Resource Hash
b0f142e8f3015a755a51e3f3511ffb0faa1b6c2dd82b15769c5405541c2d9453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
5912471
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
482
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 17:22:09 GMT
server
ECD (frb/6689)
x-vmg-version
v10.5.33
etag
"39a-5f6725fb5ae00+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
once.min.js
www.straitstimes.com/core/assets/vendor/once/ 		1 KB
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/assets/vendor/once/once.min.js?v=1.0.1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
5912471
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
699
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 17:22:09 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
"54d-5f6725e848100+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
jquery.once.min.js
www.straitstimes.com/core/assets/vendor/jquery-once/ 		908 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175384
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
438
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
"38c-5ef48399fa1c0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
drupalSettingsLoader.js
www.straitstimes.com/core/misc/ 		518 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/drupalSettingsLoader.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
26397bfd8b42061dd946d0b7466e0e34a727cf96a549026d0d050b60f1bce4e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
314
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
"206-5ef483b3b9e80+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
drupal.js
www.straitstimes.com/core/misc/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/drupal.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
89b409b82a82e4159afd9a7d4240426f723e28ea599002c9b7ab7f82f7122c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1867
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
"18f4-5ef483b3b9e80+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
drupal.init.js
www.straitstimes.com/core/misc/ 		733 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/drupal.init.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6737) /
Resource Hash
44cf0c7aebe493ef98b42bd6f0af1892712b28fc0d3395b85817c78ebbe196f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175384
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
395
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/6737)
x-vmg-version
v10.5.33
etag
"2dd-5ef483b3b9e80+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
jquery.once.bc.js
www.straitstimes.com/core/misc/ 		1 KB
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/jquery.once.bc.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
918f37e0a3d838b34a1003f2dc3de23752d6042b376f0e5c817f35bcbaaa10b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
5912471
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
507
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 17:22:09 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
"4fa-5f6725fa66bc0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
js.cookie.min.js
www.straitstimes.com/core/assets/vendor/js-cookie/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/assets/vendor/js-cookie/js.cookie.min.js?v=3.0.1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/670F) /
Resource Hash
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175384
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
726
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/670F)
x-vmg-version
v10.5.33
etag
"5dc-5ef4839aee400+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
jquery.cookie.shim.js
www.straitstimes.com/core/misc/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/jquery.cookie.shim.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
f5ec1f8423e96926bd494c0f74390353594b7bc02dcfbdab3175fe0bdbd4ed76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175384
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1447
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
"106f-5ef483b3b9e80+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
sph_liveramp.js
www.straitstimes.com/modules/common/sph_liveramp/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/common/sph_liveramp/js/sph_liveramp.js?v=2.0.7
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
461acc1c7697f7679cee236146ca7488e86b05b367c88c3419a9df0cfa9d36ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
2141600
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1394
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Apr 2023 08:49:54 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
"14fe-5fa1034c06cc0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
sph-mysph.js
www.straitstimes.com/modules/common/sph_subscriber_login/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/common/sph_subscriber_login/js/sph-mysph.js?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
387ac5624a9d22e342c4902c7a352a0f79352daa62e5459408971c778ad36aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
6805700
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
2555
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Mar 2023 09:15:00 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
"2659-5f5d2bc1540c0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
activation.js
cdp.sph.com.sg/activation/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdp.sph.com.sg/activation/activation.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3d60c04410381530a4a9c7c1c066bc17ebf12761df8b6dd6a520ce08329e503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:42:28 GMT
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 07:14:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
53
x-amz-server-side-encryption
AES256
etag
W/"133d2f23148011c90d3e78ab2dc2b14b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
a0WOMKfjuSCHglYjqi2aYtbNmb4m2NRm9eTmWMEMMgGBUnqL8juhQg==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 01:35:12 GMT
content-encoding
gzip
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
7689
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
WxELwMzsDl5mVVP0OnwCkxaNy1GPjH1X3gg4Y7bcdyordZarvoJ47w==
expires
Sat, 20 May 2023 01:35:12 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/12374/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/12374/lt.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7551f6ee74246c6e0d682e5c07d7fd9614bce86478ed66bdf54c163cd4bb8f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 00:54:14 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 23:20:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
10148
x-amz-server-side-encryption
AES256
etag
W/"66f4601bd40c6d1503284c2e2a3d88e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
aU6k7GXz1x2XSeyJ67HhYZFwdcTzQa-q9CPXcvn9Az8lqs9DIzXZ4w==
betterads_head2.js
www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/common/sph_dfp/modules/sph_dfp_betterads/js/betterads_head2.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6737) /
Resource Hash
b17c7751208a304bcfbf6ceaf4351aa18e412e0a3f9ce0b1c48dc980d61eb336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
23222068
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1603
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Aug 2022 09:08:48 GMT
server
ECD (frb/6737)
x-vmg-version
v10.5.33
etag
"15e1-5e6e435e9ccc0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
mySPHIdentityLightbox.js
static.mysph.sph.com.sg/mysph/js/ 		1 MB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/js/mySPHIdentityLightbox.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09c1fbd26a103bcde83f7a2d50005610cd877ab42f0b38238cf935fa11082564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
content-encoding
gzip
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id
IYVNeS3CnKqMzuwY9WTkDXSnOR_Qlfrl
x-amz-cf-pop
FRA53-C1
age
49997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
310092
last-modified
Thu, 18 May 2023 13:49:59 GMT
server
AmazonS3
etag
"eba67cd1b2801900af760e6f1952dab2"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400,public
accept-ranges
bytes
x-amz-cf-id
dPCvTjNRgX5aMJ3_aUpGSJS_LJb2FshD83aPRuNExlpw4_iCuwJI9A==
mysph-googleonetap.js
static.mysph.sph.com.sg/mysph/js/ 		1 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/js/mysph-googleonetap.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddd0fcab5d5dd9faad9da1cb1e845b158d7f9a5cb8784732c980a6d91b5248e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
HzUTArv_sHn.dcSmwinVMI46J_kNj1QC
content-encoding
gzip
last-modified
Thu, 18 May 2023 13:49:58 GMT
server
AmazonS3
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"3b27f49debc22e09476d98d980e5db1d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800,public
age
49996
x-amz-cf-id
ukCPuvOreehXr-QxTGyBZ49SAG5bHG5NJZhUT12BzyYzqsJWB5AqRw==
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58e94da8dee50d29aa08f411befe5cba2a0fc9cf2bc8d5e01afcead7191f6688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25357
x-xss-protection
0
server
cafe
etag
825 / 19496 / m202305150101 / config-hash: 333621245310265565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 May 2023 03:43:20 GMT
st-subscribe-placeholder.jpg
www.straitstimes.com/themes/custom/straitstimes/images/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/images/st-subscribe-placeholder.jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
5377962f3fe67b50de2cc173022779a3c1863023426456b4a6abd71636ba0434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
16336953
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
81497
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Nov 2022 08:19:37 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
"13e59-5ecf13363b840"
x-download-options
noopen
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:21 GMT
arrow-up.svg
www.straitstimes.com/themes/custom/straitstimes/images/ 		1 KB
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/images/arrow-up.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
746a00022e9a7b0e2e456af3fde5cef49eebadaffb6245772b90b49de1795a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
10342612
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
493
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 Jan 2023 08:37:56 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
"419-5f285bba0c100+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:21 GMT
nodelist.foreach.js
www.straitstimes.com/core/misc/polyfills/ 		251 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/polyfills/nodelist.foreach.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
c179a41ac0c21aa3874646e8ae054c9b4aa5887cb5530e2b3af291ce82834b7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
5912471
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
202
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 17:22:09 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
"fb-5f6725fb5ae00+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
css.escape.js
www.straitstimes.com/core/assets/vendor/css-escape/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/assets/vendor/css-escape/css.escape.js?v=1.5.1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
e6d25bbcd1b217114710c61d49e1a020e585e977640d04a836cc016c134458bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
5912471
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1193
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 17:22:09 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
"c51-5f6725e753ec0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
popper.min.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/popper.min.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6689) /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
15597618
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
7503
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Nov 2022 15:03:02 GMT
server
ECD (frb/6689)
x-vmg-version
v10.5.33
etag
"52f1-5ed7dbdf1f940+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
bootstrap.min.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/bootstrap.min.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
15732160
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
21791
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 18 Nov 2022 01:40:40 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
"148b8-5ed7dbdf1f940+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
index.umd.min.js
www.straitstimes.com/core/assets/vendor/tabbable/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/assets/vendor/tabbable/index.umd.min.js?v=5.3.2
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
5a7d1688d4c50a4b94a581c3e2e9cfde9c21aac5d47cf613499a3695134fb84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
5912471
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
2087
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 17:22:09 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
"12dc-5f6725e93c340+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
progress.js
www.straitstimes.com/core/misc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/progress.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
0ee297397fc28cf7a50aa30a1003f55e2ea2bdd13780a84a2a756e7f56ded885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1010
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
"b6a-5ef483b4ae0c0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
responsive_image.ajax.js
www.straitstimes.com/core/modules/responsive_image/js/ 		328 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/modules/responsive_image/js/responsive_image.ajax.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
34e0e8ab8d16b1f845707a7096cd89254799c692a4ee55e682359a2c4ce0b71b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
15597628
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
246
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Nov 2022 15:02:52 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
"148-5ed7dc5655280+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
ajax.js
www.straitstimes.com/core/misc/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/core/misc/ajax.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
9f9086a430d6bcd38bc67ddc6f2becb23d058d0969512f742054fa5920fb3b8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
5596
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/67BF)
x-vmg-version
v10.5.33
etag
"563d-5ef483b3b9e80+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
global.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		70 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/global.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
3ec528caba65d3b52c1e68e36afad4498dd205848631c8949f0b786476611600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
1451083
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
12563
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 May 2023 08:33:04 GMT
server
ECD (frb/67BF)
x-vmg-version
v10.5.33
etag
"1172d-5fab1592f9800+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
neuron_tagging.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		2 KB
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/neuron_tagging.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
a003f34c6b7b35ea664eaac943cdbebeb8c057f2463279ee7ca4180fc357c3c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
3871890
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
644
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Apr 2023 08:11:49 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
"76a-5f87babc47c80+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:21 GMT
jquery.cycle.all.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/jquery.cycle.all.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6737) /
Resource Hash
6a32becd453c345fcad410422051ab51d7457549d4cda2d8880359210c16d7d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
15732160
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
13836
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 18 Nov 2022 01:40:40 GMT
server
ECD (frb/6737)
x-vmg-version
v10.5.33
etag
"df21-5ed7dbdf1f940+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
iframeResizer.min.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/iframeResizer.min.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
5611
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:37 GMT
server
ECD (frb/669C)
x-vmg-version
v10.5.33
etag
"3722-5ef4835fcd880+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
sidebar-textbox.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		1014 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/sidebar-textbox.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
1d5ead345bf4e3731048f416d5239d5362d57cf00a9cfe8ba943ae1bf5503c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
16423358
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
369
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Nov 2022 01:40:42 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
"3f6-5ecf13363b840+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
120913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 01:11:30 GMT
server
cloudflare
etag
W/"c04-5f1f2ae2e431b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=172800
cf-ray
7c9955d1e8683834-FRA
jquery.smartbanner.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/jquery.smartbanner.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
d2454f9f15233d34020e89d4cfb1c7b63fd635dc0dc313145fee1b87bd27ad65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
16570497
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
4699
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Nov 2022 08:48:07 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
"3f8b-5ecf13363b840+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:20 GMT
queryly.v4.js
www.queryly.com/js/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f4cff2a345300085e749e83fdd2d293cd11ffbbdf676bb85e138562086a06802

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39471
x-powered-by
ASP.NET
last-modified
Mon, 06 Feb 2023 15:55:16 GMT
server
cloudflare
etag
W/"08aa167433ad91:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlksI1Yl1jPVxWs4KnzIRNafRGTQt0BTiZ2YdjdYDU1nBTZtyjzYHgR5qlsKsE04W4N8VX%2Fndo17rRvnJtabb1ji09v%2FwlrnhphNidZ5Uu%2FBVQMxQTxmAABa8Y%2FQGnscpVfJesHKYbK588HSLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7c9955cc3973912e-FRA
access-control-allow-headers
*
straitstimes-advanced-search.js
www.queryly.com/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/straitstimes-advanced-search.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
48e1986c2e70526aa41e862378b58244d2003db194554bd5a5bb1abf88495b7c

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39150
x-powered-by
ASP.NET
last-modified
Wed, 30 Jun 2021 15:28:54 GMT
server
cloudflare
etag
W/"0ff9da2c46dd71:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGWKbMxrMwCGN8%2BZrkh1Tba7Ukf6AZw7%2BYDPriRmhVXhTQeOG5dfo2XE39dJjO10X%2Fc0cZ0DV4AIeKYlYWLgyVrVsZTpHQ2wwYsNwx6FfvUS2%2BpUMG1UbIZMdstoNYb7QJLCOkafpBLBRQCGng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7c9955cc598c912e-FRA
access-control-allow-headers
*
queryly-search.js
www.straitstimes.com/themes/custom/straitstimes/js/ 		1 KB
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/js/queryly-search.js?v=9.4.8
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6689) /
Resource Hash
aa105e08cb1ff8e6d1801bc299b1859837b9a6225ba01b17757e4d18a1f8303e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
16077766
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
496
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Nov 2022 01:40:35 GMT
server
ECD (frb/6689)
x-vmg-version
v10.5.33
etag
"49a-5ecf13363b840+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:21 GMT
appear.js
www.straitstimes.com/modules/custom/st_rewards/js/ 		2 KB
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_rewards/js/appear.js?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
3ebbaf0128a5fee7c6aeeb33c8824dd3e292d4144f6706553403131d081336e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175383
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
790
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 17 Dec 2022 15:53:38 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
"97f-5ef4835ed9640+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:21 GMT
reward_points.js
www.straitstimes.com/modules/custom/st_rewards/js/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_rewards/js/reward_points.js?rubueu
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
8ad8a4d550515be8818f5e29b35ae848061f2084d584771f0232c38d04923e37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
4450312
x-auth-group-type
y-sub
x-cache
HIT
p3p
CP=HONK
content-length
2368
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Mar 2023 15:31:29 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
"343c-5f7dc107c4a40+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:21 GMT
subshare.js
www.straitstimes.com/modules/custom/st_subshare/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_subshare/js/subshare.js?v=1.x
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
944142a5964e5c30c3eff355286f22cd47403aaa5e5e7d3b1018b8fad9a8f889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
16935557
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
2573
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Nov 2022 03:23:13 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
"2192-5ec8f8e8347c0+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:21 GMT
article-details.js
www.straitstimes.com/modules/custom/st_article/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_article/js/article-details.js?v=1.x
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
16b720b7860abd7d0d26be91cf128a3b67c9093b0b733670dce0d39a40fefcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
10511744
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
897
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 17 Jan 2023 11:47:38 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
"105a-5f2724b1df000+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:21 GMT
article-sphwave.js
www.straitstimes.com/modules/custom/st_article/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/modules/custom/st_article/js/article-sphwave.js?v=1.x
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
d101e914d8fcd87f404ae6564209f041d4f04a3f60b14f959e62aba3c9ce75fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
3781445
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1352
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Apr 2023 09:19:16 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
"f8d-5f87baba5f800+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:21 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 18 May 2023 11:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
57511
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128722
x-xss-protection
0
server
cafe
etag
7615930951174331818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 17 May 2024 11:44:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		227 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.straitstimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2513083a8c05bcf4f319c9b1e93e0bf5283fcd5a0a6233b48c4339c8567872a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
expires
Fri, 19 May 2023 03:43:21 GMT
suid.php
suid.sphlabs.com/suid/ 		72 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://suid.sphlabs.com/suid/suid.php?suid=a4ac49ff02dd406cabff56062ba5d9ea
Requested by
Host: dsuwzj1tch87b.cloudfront.net
URL: https://dsuwzj1tch87b.cloudfront.net/suid/suid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.214.156 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-214-156.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9b7abc16a862370026a130f06418f6b37f9abda7353f925b0385bec5c6bb6d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://www.straitstimes.com
date
Fri, 19 May 2023 03:43:21 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, OPTIONS
content-type
application/json
pxid
5f876161-9740-4cc8-9b64-4585990b2690.prmutv.co/v2.0/ 		46 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://5f876161-9740-4cc8-9b64-4585990b2690.prmutv.co/v2.0/pxid?k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
URL: https://5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app/5f876161-9740-4cc8-9b64-4585990b2690-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7570adb68a7fc245911e5f05879bdf49c228270d658ede5537f00fbe5834f473

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.straitstimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
URL: https://5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app/5f876161-9740-4cc8-9b64-4585990b2690-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 03:43:21 GMT
AN-X-Request-Uuid
263e3338-e314-4d7d-b452-84234b7b47ea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.straitstimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.167; 185.213.155.167; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5f876161-9740-4cc8-9b64-4585990b2690-models.bin
cdn.permutive.com/models/v2/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/5f876161-9740-4cc8-9b64-4585990b2690-models.bin
Requested by
Host: 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
URL: https://5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app/5f876161-9740-4cc8-9b64-4585990b2690-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e165addafd6b8882ceb6a8e8959764e71986d3de6b7aa22c41ffa60588be2e2b

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
5f876161-9740-4cc8-9b64-4585990b2690
age
0
x-guploader-uploadid
ADPycdtBtaSJZt3vlZuhpODX2t7uj0C6msOWAJgoHp5aEoTYZy4x2LCJGU_LovRXkhyURupDoCwdmnVHoqHwhroGxOboPkNHzNJJ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
6414
last-modified
Thu, 18 May 2023 08:17:29 GMT
server
cloudflare
etag
"d6c8781eb3acace068647eb3221e7c13"
vary
Accept-Encoding
x-goog-generation
1684397849330660
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=GuWi5Q==, md5=1sh4HrOsrOBoZH6zIh58Ew==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
6414
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c9955d17e231c19-FRA
expires
Fri, 19 May 2023 03:17:02 GMT
geoip
api.permutive.com/v2.0/ 		261 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
URL: https://5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app/5f876161-9740-4cc8-9b64-4585990b2690-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.straitstimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
watson
api.permutive.com/v2.0/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: 5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
URL: https://5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app/5f876161-9740-4cc8-9b64-4585990b2690-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4fd7e963e4dc11a40bc21898c96824c2a7ad62161e29f1401eb06e6999333bc9

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.straitstimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1516
localstore.js
script.4dex.io/ 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: adtag.sphdigital.com
URL: https://adtag.sphdigital.com/tag/smx/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:21 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1238911
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uvp6gheFdvpGUN0AYlOCnDyZeVATdLDYHdG9YuEanvliwL4S6abjy%2FxOja0UvKFaPovEQx0N7kXmGfIKlzE%2F22gZZ5hXTHkFusnFUh%2Fr0Y4oPX3gvAfrVZIOH8Q5tbOY5IBYV9WtnzFbv8N"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c9955d1fba318d3-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 03:43:21 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 May 2023 03:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2301
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 19 May 2023 05:05:00 GMT
gtm.js
www.googletagmanager.com/ 		344 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W22QHZ9
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4337eb7f46ae1de9a83b1c8ab150ea218931cced5169fd2af1f0be998f93894f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103446
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 May 2023 03:43:21 GMT
383bde75-3054-4b1e-90a7-961db3e61ee1
https://www.straitstimes.com/ 		122 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.straitstimes.com/383bde75-3054-4b1e-90a7-961db3e61ee1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0290fdc22f5cf8783b24efd2eb704403aaf2afc96a52d69e527d1b09cd0b0656

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
125271
Content-Type
834be0b8-ff55-4a8d-b3e2-9b352ca14f41
https://www.straitstimes.com/ 		122 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.straitstimes.com/834be0b8-ff55-4a8d-b3e2-9b352ca14f41
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0290fdc22f5cf8783b24efd2eb704403aaf2afc96a52d69e527d1b09cd0b0656

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
125271
Content-Type
prebid
mp.4dex.io/ 		114 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779b0a096123ccfc9abcaeefd9e1cdcac7df4e81c8e21cc57b09d796d8249479

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 19 May 2023 03:43:21 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1249
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c9955d218023650-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		960 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a7d7b229e3c7677135f10d5f081bd0f428622b925b547ae804f011bc47716aee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 May 2023 03:43:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.167; 185.213.155.167; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7a5cd0c2-5a17-41db-9c2f-0f29ac101b4d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.straitstimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.straitstimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 19 May 2023 03:43:21 GMT
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.36.0&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&tmax=1250
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.109.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-109-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translation.json
static.mysph.sph.com.sg/mysph/locales/en/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/locales/en/translation.json
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f3dfa122623ea2d2ec051fabbee5208b6d82b7cda5e7c8102dcb6e22533e21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
LtXfeNteakLi3rBxiIz.jaWCR5haCEn4
content-encoding
gzip
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date
Fri, 19 May 2023 03:43:23 GMT
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Thu, 18 May 2023 13:50:00 GMT
server
AmazonS3
etag
W/"0f7056652bd173c8c5d1aae3861bbd31"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
s-maxage=86400,max-age=0,no-cache
x-amz-cf-id
E2pdTFBbi5zOB54YfwyHOqBTqU9h_hkXWZFF1p_sEUCFIrRPWR-lBQ==
gtm.js
www.googletagmanager.com/ 		304 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Q7WW3V
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da3b89eeaa4afb39a943212250d2fce3143afa5f07b10da16ce0bd782912b153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89847
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 May 2023 03:43:21 GMT
css2
fonts.googleapis.com/ 		10 KB
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77a43710be29e3de77e03649591622f8254b140cc4fdb13af89e68113ec4aa6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:43:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:22 GMT
css2
fonts.googleapis.com/ 		328 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+SC:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7e119e7a0845b9f4b6144123e602fbed16f9fa1243cd0028f87f9aaed076c39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:43:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:22 GMT
css2
fonts.googleapis.com/ 		2 KB
910 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Public+Sans:wght@400;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17250e15dc2edf6265d11aed3980478c3c22786dd9d86568bf3e8ddb0dce08b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 01:56:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:22 GMT
css2
fonts.googleapis.com/ 		850 B
487 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Caslon+Text:wght@700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71140bbdcb84a9c0e034d9146d0044bc7f80b7b940c262e391a263a13acbffc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 02:29:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:22 GMT
css2
fonts.googleapis.com/ 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif:wght@600;700&family=Lato&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6106cf2ccd968384938dc8bb68302de982659074730381aaa3a6d3397bfa452d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:31:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:22 GMT
css2
fonts.googleapis.com/ 		2 KB
564 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mukta+Malar:wght@400;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f4130b699421ca1d61487160270d08ec3f4b0844b1f96deb7586d95a5b798ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:43:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:22 GMT
okta-auth-js.min.js
global.oktacdn.com/okta-auth-js/4.5.0/ 		112 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-auth-js/4.5.0/okta-auth-js.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34290715b0d39c6330c9300bf299dd17ae80da8c6688025e29bc6c84e77792e4
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
o6R_bAQJP7EfXmmU0TDKdnLhLhT_p0qK
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Fri, 19 May 2023 03:00:23 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
2580
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 17 Dec 2020 21:15:41 GMT
server
AmazonS3
etag
W/"da1c63c35ca10765111ce98e132aa43c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
sQyd_cMP7wfBFpvYIziJiTPEMv6YqK9RQhqorytCe0BtfJsS6j-3pg==
concurrencyCheck.html
www.straitstimes.com/ Frame AAE2 		0
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/concurrencyCheck.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0
content-length
0
content-type
text/html
date
Fri, 19 May 2023 03:43:22 GMT
etag
"0-5fb289ce3ed40"
expires
Fri, 19 May 2023 03:43:22 GMT
last-modified
Mon, 08 May 2023 06:18:53 GMT
p3p
CP=HONK
referrer-policy
no-referrer-when-downgrade
server
Access Gateway
strict-transport-security
max-age=31536000; includeSubDomains max-age=15768000
x-auth-group-type
y-anoy
x-content-type-options
nosniff
x-download-options
noopen
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
x-vmg-version
v10.5.33
x-xss-protection
1; mode=block
curator_head_st_semibold-webfont.woff2
static.mysph.sph.com.sg/mysph/fonts/curator/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_semibold-webfont.woff2
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88cdfbf212280a347ee341cf8e2536429a6b05fa14283b96662d5a5405854f68

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:06 GMT
x-amz-version-id
_gGuckIYQj9m5DfFH2L8PYtC4goAIsaZ
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24308
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"1c8be6cfbf0f5466fd1114c7d3a879fa"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
urktRGygE7PoIeLQzqjCYcuVWP9UF6te5cRkQYkGmhLlGTIDhafTOg==
curator_head_st_regular-webfont.woff2
static.mysph.sph.com.sg/mysph/fonts/curator/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_regular-webfont.woff2
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7203a86775409711dddc8df5a54869481e5d352def7c920e31ccda5976a19973

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:06 GMT
x-amz-version-id
dNBOHUUitNl0znQnYhFnrYd.39ayHJ19
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22420
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"f2d8de76134eecefa89bd015b2a85d41"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
yI5eje2CBfJnQxlrJcTTr6UPRHuykm2XNyzQavx_Q7jwsY_7wi-cwA==
curator_head_st_bold-webfont.woff2
static.mysph.sph.com.sg/mysph/fonts/curator/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_bold-webfont.woff2
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d813f169d6fbae58c03cf11c8630c9aa9cb65ebbeb2644d26ea04820fc2ed94

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
ii2pVomoI1G7mLAu7SCtuaXKCIvUV27Z
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24528
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"5e15e1c968a94de177029595262feb2c"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
traFMfvK-BFoor4Cwb4jl0Ft5wCPSKwLWxNRWK9E5_Ecp9F-5KPb6g==
curator_head_st_semibold-webfont.woff
static.mysph.sph.com.sg/mysph/fonts/curator/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_semibold-webfont.woff
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14f2a4a0b36e2390fafa550f948c568362a2a7e16b40dc42d694eaf2c5cd9708

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
OhHdt2qQgI2kZHTJVYUeDpapQIYy2rFu
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32104
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"5486cfcdc29d0f0c2b71e4318e5f03ac"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
dWoBnUcJApPk8DiYkcayWVlvDCplpyo6E-hgBxTMmA4wTSr-YFbH3A==
curator_head_st_regular-webfont.woff
static.mysph.sph.com.sg/mysph/fonts/curator/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_regular-webfont.woff
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4d6d03030653fa0131987d9c74e37e6660152e7c98d39457a372ad2629d328

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
CFaiHXkwn0fYI40eE2T41FovIjp4fNKl
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29404
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"207f411fb07002551e5ac64e3a253ccc"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
Ynm89vQHL4AZXe69Mp0-IMBlwtyqxOzxYasRh9KxUAzb4yEK1nIEXA==
curator_head_st_bold-webfont.woff
static.mysph.sph.com.sg/mysph/fonts/curator/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_bold-webfont.woff
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3d7c135b84ab2bba0ecc037d942cceb65c50ff95a5e95c6cc80e88d029c4115

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
3nLAilFkiM_Fq2C_vyP6AxDKD0fg2rK8
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32044
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"a1e4aab54f3374416292271f8a8eaa52"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
SQ_vllthj61-vn3DKeitK9SIgDHdROGcwRPYes11ICGr02xPPDPuAA==
obtp.js
amplify.outbrain.com/cp/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 May 2023 06:28:15 GMT
Server
AkamaiNetStorage
ETag
"5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6835
Expires
Fri, 19 May 2023 04:03:22 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e4e93839bca6637583b1c01173894b8aa4d5015690140aea2e520cfb0d5986ab

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.straitstimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
st-masthead--sprite.png
www.straitstimes.com/themes/custom/straitstimes/images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/images/st-masthead--sprite.png
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
af3a86737a312c5236a97aa8685daf3b2aa322ab02d4efc11c1ef941cfd734a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175385
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
41747
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 02:58:26 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
"a313-5ef4835fcd880"
x-download-options
noopen
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
stlogo-subscribe.svg
www.straitstimes.com/themes/custom/straitstimes/images/ 		1 KB
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/images/stlogo-subscribe.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6689) /
Resource Hash
595b1f54492aca5546cfd862e58a93a31b2f4f1e3b791a6b34ed8971823843b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
13175373
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
553
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 02:58:26 GMT
server
ECD (frb/6689)
x-vmg-version
v10.5.33
etag
"4cf-5ef4835fcd880+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
truncated
/ 		223 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f0b364913c2260d2a3eaeeaedf3626c4304fb05debb8ed5441078eb4bc72a1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1410833a4b9958ff08508317d085a68078272672d349c301619a520cd3330c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
Appstore.svg
www.straitstimes.com/themes/custom/straitstimes/images/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/images/Appstore.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175385
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
4609
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 02:58:26 GMT
server
ECD (frb/6775)
x-vmg-version
v10.5.33
etag
"2fc0-5ef4835fcd880+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
logo-google-play.svg
www.straitstimes.com/themes/custom/straitstimes/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/images/logo-google-play.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67A4) /
Resource Hash
4b498019c05e4e3d4295a1638a04e7ea5ed01dd82d10c0669fc1c28030576c39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175385
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
2456
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 02:58:26 GMT
server
ECD (frb/67A4)
x-vmg-version
v10.5.33
etag
"1d42-5ef4835fcd880+gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
SelaneWebSTTwenty.woff
www.straitstimes.com/themes/custom/straitstimes/fonts/selane-deck-20/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/fonts/selane-deck-20/SelaneWebSTTwenty.woff
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
5b3afc2931a8446ae45f2fb4e16d471433fb6bc0054d52666698610bddce5bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
15991361
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
44203
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Nov 2022 08:19:37 GMT
server
ECD (frb/67BF)
x-vmg-version
v10.5.33
etag
"acab-5ecf13363b840"
x-download-options
noopen
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
st-iconfont.woff
www.straitstimes.com/themes/custom/straitstimes/fonts/st-iconfont/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/fonts/st-iconfont/st-iconfont.woff?v14
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
020a2896207f6fc0e3049c12d142bb90b7ac5714f67c359d5d2281b17a30a424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
27392035
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
18904
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Jul 2022 08:09:41 GMT
server
ECD (frb/67BF)
x-vmg-version
v10.5.33
etag
"49d8-5e30a5fdc3b40"
x-download-options
noopen
content-type
font/woff
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
CuratorHeadSTRegular_gdi.woff
www.straitstimes.com/themes/custom/straitstimes/fonts/curator-regular/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/fonts/curator-regular/CuratorHeadSTRegular_gdi.woff
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/673C) /
Resource Hash
78848656869a408788c3e8a14793a32d1d260056d1e4757c9ad5d1d6e141dd54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175384
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
25412
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 02:58:25 GMT
server
ECD (frb/673C)
x-vmg-version
v10.5.33
etag
"6344-5ef4835ed9640"
x-download-options
noopen
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
selanest_forty-webfont.woff
www.straitstimes.com/themes/custom/straitstimes/fonts/selane-40/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/fonts/selane-40/selanest_forty-webfont.woff
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/675F) /
Resource Hash
3e5a605c4b8f71cf95ac4e56d649e4b3fc6f42ea974872a4fde33ecc3b6ee019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175382
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
34980
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 02:58:25 GMT
server
ECD (frb/675F)
x-vmg-version
v10.5.33
etag
"88a4-5ef4835ed9640"
x-download-options
noopen
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
selanetextweb.woff2
www.straitstimes.com/themes/custom/straitstimes/fonts/selane-text/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/fonts/selane-text/selanetextweb.woff2
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C79F) /
Resource Hash
1ef82f679beb78304789826324d9929a71617e9532b954c2fc2815d02dc2a0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
560981
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
27040
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 May 2023 06:16:31 GMT
server
ECD (sgb/C79F)
x-vmg-version
v10.5.33
etag
"69a0-5fb28946d2dc0"
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Fri, 19 May 2023 03:43:21 GMT
CuratorHeadSTBold_gdi.woff
www.straitstimes.com/themes/custom/straitstimes/fonts/curator-bold/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/themes/custom/straitstimes/fonts/curator-bold/CuratorHeadSTBold_gdi.woff
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
95e8950072783caa5535f98034b0ee9247278b136f8d10c4da68a5c1f3d4cafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/themes/custom/straitstimes/css/style.css?rubueu
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
x-oag-host
7f52566dd1f68a6721013146859fab930327d8abbf96904ef2a89ef02b7ca90e
age
13175384
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
28564
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 02:58:25 GMT
server
ECD (frb/67BF)
x-vmg-version
v10.5.33
etag
"6f94-5ef4835ed9640"
x-download-options
noopen
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 03:43:22 GMT
rrbbtea0505_0.jpg
static1.straitstimes.com.sg/s3fs-public/styles/large30x20/public/articles/2023/05/07/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.straitstimes.com.sg/s3fs-public/styles/large30x20/public/articles/2023/05/07/rrbbtea0505_0.jpg?VersionId=8ilkZPiXcmxx4bz1rfoS_s2iG3FKcSLq&itok=SdmSqR4z
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.244 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cee8450343f567b9beb938d8394b96e3486c3735b9d4336f7a3f682da1f6e198
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Fri, 19 May 2023 03:43:22 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
nel
{'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid
64632e550a9948bcf62399b6
age
246276
x-cache
HIT
x-gumlet-runtime
0.583
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25642
x-served-by
cache-fra-eddf8230035-FRA
x-timer
S1684467802.167060,VS0,VE0
etag
"1f959vays9s44"
access-control-max-age
3600
report-to
{'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=31536000
vary
accept
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
9
nadinechua.png
static1.straitstimes.com.sg/s3fs-public/styles/profile_photo/public/articles/2022/03/28/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.straitstimes.com.sg/s3fs-public/styles/profile_photo/public/articles/2022/03/28/nadinechua.png?VersionId=P1aEC.1BsKuKub9W4UCm67apENRsTOXG
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.244 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e2ac4e77e57c5ca7d3577763c71b207c4ede6b86fd964fe0d04e32982ad54f3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Fri, 19 May 2023 03:43:22 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
nel
{'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid
6459920647d6c7a635693bae
age
876116
x-cache
HIT
x-gumlet-runtime
0.499
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6118
x-served-by
cache-fra-eddf8230035-FRA
x-timer
S1684467802.167210,VS0,VE1
etag
"3svw1crqto5sj"
access-control-max-age
3600
report-to
{'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=31536000
vary
accept
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
DSC7227_0.jpg
static1.straitstimes.com.sg/s3fs-public/styles/large30x20/public/articles/2023/05/07/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.straitstimes.com.sg/s3fs-public/styles/large30x20/public/articles/2023/05/07/DSC7227_0.jpg?VersionId=aQqCJFSxlO_39XoSZ.bJnp1l47pJQwoU&itok=RFdsEk7A
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.244 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da908cca532049ebbea9690363f45fcd4cca10b49fc596c448604418402bcf1f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Fri, 19 May 2023 03:43:22 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
nel
{'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid
6456d3331f2c4feaa39c0223
age
1056038
x-cache
HIT
x-gumlet-runtime
0.366
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24349
x-served-by
cache-fra-eddf8230035-FRA
x-timer
S1684467802.167215,VS0,VE1
etag
"1jg3ppghkebx4"
access-control-max-age
3600
report-to
{'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=31536000
vary
accept
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
298677
x-powered-by
ASP.NET
content-length
816
last-modified
Thu, 11 Jun 2020 23:20:57 GMT
server
cloudflare
etag
"d7046f64640d61:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZnwVL9B9GbbwAxVzV5WlQ4ZRMsMC4Grmjxi%2B3L%2Bc341%2BMMUYvcQI%2B9k9Pc0XwiuqLQZqj2W8bAyFzciwBU%2BMQ4wVq%2B5EYnIQZjKk%2BqUwRESuI4Tp%2F93DHZQBDuL0xlmBNZz0sRfL%2FNJB0Bhaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7c9955d33f0c912e-FRA
access-control-allow-headers
*
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		270 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=straitstimes.com&domain=straitstimes.com&path=%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c3017ca3433380e7fc45f74c7c1227e40af303c5749aa5547c888816d3042ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
193
x-served-by
cache-fra-eddf8230035-FRA
x-timer
S1684467802.173551,VS0,VE100
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Wed, 17 May 2023 03:43:22 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:22 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1021007
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J61SXaOOxdHkWA2EADsb%2BD3CRXO9ilrwlVghUewUOpHC%2BLcgs8Son69bA%2BI3xF6lAcyrbF9PZ0ncIiPC%2BzlMd%2BwEB%2Fblm7GXiSo%2FC%2BfHbRrYIt9Gf71x7ArIyKqNidRfX5JeYXcdpyGcer27"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c9955d38fe33a7e-FRA
syncframe
gum.criteo.com/ Frame 7968 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.straitstimes.com
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 03:43:21 GMT
server
Kestrel
server-processing-duration-in-ticks
354155
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
js
www.google-analytics.com/gtm/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KXJKHV2&cid=1849208897.1684467802
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c1f1a014ec5788508816b9dd56daed240a8290e54e6d1ed5c451dd379ff84e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48109
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 May 2023 03:43:22 GMT
neuron-latest.min.js
neuron.platform.sphdigital.com.sg/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://neuron.platform.sphdigital.com.sg/neuron-latest.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-13.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dd70e7d53f6d0193b1fe38a3f616306530b4948028d6525367d062d49e36598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
k.1wz58OZUl1WouNN4stjbQph0UK_F_H
content-encoding
gzip
via
1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
date
Fri, 19 May 2023 03:43:23 GMT
last-modified
Wed, 12 Apr 2023 04:26:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
etag
W/"b79d501a38dc7df84886a25fa3e40de7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
x-amz-cf-id
zWpqmwQ2o6m3R6aNQqbV3v27HVrGlhDW1a-uEovVxLq3YnCaezHF0w==
sm.24.html
static.addtoany.com/menu/ Frame D59A 		677 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.24.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1244011
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
7c9955d3995f3834-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 19 May 2023 03:43:22 GMT
etag
W/"2a5-5edb40e6d10d8"
last-modified
Fri, 18 Nov 2022 00:47:55 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e4s
x-content-type-options
nosniff
core.26680508.js
static.addtoany.com/menu/modules/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.26680508.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1848739
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 01:11:29 GMT
server
cloudflare
etag
W/"11452-5f1f2ae24215b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
7c9955d3a95c903c-FRA
login_details.php
www.straitstimes.com/ 		91 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/login_details.php?1684467802176
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
5cef9e47f0c45bb5c1488793d4f330d9d3e2cb07bdf712f3d476f5aeca2fdd4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
VgQCUVRQGwIAUFNSDgcPUFE=
tracestate
225023@nr=0-1-225023-1103073292-773550b512f80740----1684467802177
traceparent
00-43dded27a00a9970ac806c078bc37600-773550b512f80740-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIyNTAyMyIsImFwIjoiMTEwMzA3MzI5MiIsImlkIjoiNzczNTUwYjUxMmY4MDc0MCIsInRyIjoiNDNkZGVkMjdhMDBhOTk3MGFjODA2YzA3OGJjMzc2MDAiLCJ0aSI6MTY4NDQ2NzgwMjE3N319
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
X-Requested-With
XMLHttpRequest

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
x-auth-group-type
y-anoy
p3p
CP=HONK
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
x-newrelic-app-data
PxQFU1NTCgATVVFSBQADUlQHABFORDQHUjZKA1ZLVVFHDFYPHi9cEAlXWwgcBlxmQg1OSBUdB0pUHwYDVFNQUQVRAE4VCRgQUgBfUwZQVQcAUAVSVlQABhJIBwNbQlI7
server
Access Gateway
x-vmg-version
v10.5.33
x-download-options
noopen
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
expires
Fri, 19 May 2023 03:43:21 GMT
record
streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-page-view/ 		133 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-page-view/record
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.221.242 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-221-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
4acb54f245d343ebffeabeff6316b38e8bad7c4dc8312e0423db4167e305caf3

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
mFMvosA2jy4WPCSGv2VbE3Uo2r2NZH5r5OOQtwki
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
x-amzn-trace-id
Root=1-6466f05a-2871fdec41966b056f4a0eeb
x-amzn-requestid
5e29227c-598b-4579-892b-8ae1c4356d1a
content-length
133
x-amz-apigw-id
FJp-QFH2SQ0FemQ=
content-type
application/json
record
streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-page-view/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-page-view/record
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.221.242 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-221-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
PUT
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
access-control-allow-methods
OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-max-age
7200
content-length
0
content-type
application/json
date
Fri, 19 May 2023 03:43:22 GMT
x-amz-apigw-id
FJp-OFjJSQ0FTZA=
x-amzn-requestid
fe5f5d78-2ac4-4b6e-84ac-fb676a2940af
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=66372
accept-ranges
bytes
content-length
4777
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 19 May 2023 03:43:22 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B369DADAEDB04B7EA3B7D8814D92AB1E Ref B: FRAEDGE1421 Ref C: 2023-05-19T03:43:22Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12195
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 01:10:22 GMT
content-encoding
gzip
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
9180
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
eSlbDGd_shKPew84qty43L1d8VIHtdYUhPnIyjd-wGPOy7lIMvBarw==
expires
Sat, 20 May 2023 01:10:22 GMT
ytc.js
s.yimg.com/wi/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:07 GMT
x-amz-version-id
JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
D44HXT2PM0PESKNJ
age
16
x-amz-server-side-encryption
AES256
x-amz-id-2
fHudsP29XmSasUCRMjgHQIC7MWLY1jvs3lBTXHdZPeKpdwx3FSi2/n7TDSctpz1BWepILy/NyIw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 26 Apr 2023 11:08:30 GMT
server
ATS
etag
"e896178ac557f4e393e0a05405c33633-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6288331&ns__t=1684467802270&ns_c=UTF-8&c8=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&c7=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&c9=
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
nDh2M4b6lwh51dTLvRH7PqOECjTX7KorKLhSguRof2NHA1sy9o5zmQ==
x-cache
Miss from cloudfront
sph
segment.api.sphdigital.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://segment.api.sphdigital.com/sph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.40.123 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-40-123.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 19 May 2023 03:43:22 GMT
x-amz-apigw-id
FJp-PFebSQ0FqcQ=
x-amzn-requestid
bc69057b-fc32-4990-8549-0d6403476345
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994576315/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994576315/?random=1684467802290&cv=11&fst=1684467802290&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&hn=www.googleadservices.com&frm=0&tiba=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&auid=800453107.1684467802&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
309c67bbdd28747201250a034b9306ee6f2df7cf5ffa3633acb75389f28db979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
FB6Tp7jXeCcjO+GQlh4o83WQEUPexUDg7YkdLYE22zKpwQ+aaHpcDFBJNzldUsw4Pk3sjIarGesMVYGq9DhwVA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
outbrain.js
widgets.outbrain.com/ 		224 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68aeb838cc13eb951f3c1dd00a94429d787da2c82d17fd38d59bc5695dd186e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 14:02:16 GMT
etag
"22-uqYlMBfqb4/3Xzp4iicTUKXi4Og"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
94a053913bfd80af83526df79dbf935b
timing-allow-origin
*, *
content-length
82486
access-control-request-headers
X-OB-STG,X-OB-PRD
aid_push.js
adtag.sphdigital.com/tag/aid/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtag.sphdigital.com/tag/aid/aid_push.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/669C) /
Resource Hash
d33838dcfafe36cc79ffdd31c8a29760d68cc83b37aa94a131810f3872ad47e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-mtime
1602137597
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
age
7365
x-amz-request-id
QDDJ258WSSK1K4YZ
x-cache
HIT
content-length
1375
x-amz-id-2
uy66+LK9ntO3JI1ORRSfV3o9jyaklMuG8k4BWKPQK1LjwiyaZQwmhWzSuqI1I6+aYULZLRXdpf4=
ec-rule-version
v1.27, v1.27
last-modified
Mon, 12 Dec 2022 12:53:49 GMT
server
ECD (frb/669C)
etag
"030ecb3ebe2594b5a786344cff8c41c8+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 20 May 2023 03:43:22 GMT
s2s-web.js
sg-config.sensic.net/ 		77 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sg-config.sensic.net/s2s-web.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af912b6d5bba00042aea54553765d150ebd592ead5ef2bf4e8f9827b7a7f2d95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 12 May 2023 22:58:34 GMT
content-encoding
gzip
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-version-id
CDfTCgqrkxIoJrL_CJ3RaabNxTQ74yKQ
x-amz-cf-pop
FRA2-C2
age
535489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19588
last-modified
Thu, 09 Mar 2023 15:55:42 GMT
server
AmazonS3
etag
"6197251e41c66831ef6e30acf7247ac4"
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
Zvq4VbMo87fknluLwYvKUeIE8ego9BCJT-QnCGTcZ0h3z5HZmo4OIQ==
sph
segment.api.sphdigital.com/ 		15 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment.api.sphdigital.com/sph
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.40.123 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-40-123.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
745336b6e87e607e59a03715eaf90a08492ef0ceef09b8c17cb49babfcda9b21

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
RCgza9hmZE29pZyskJHX18Esgp5LfTNx3QYy8lA2
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
x-amzn-trace-id
Root=1-6466f05b-17f1d0ba44a01fd95ebc74ed;Sampled=0;lineage=8204371b:0
x-amzn-requestid
160aa985-0796-4c4a-b932-6d3811f6ceec
content-length
15
x-amz-apigw-id
FJp-RFgcSQ0FuRQ=
content-type
application/json
js
www.googletagmanager.com/gtag/ 		259 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MQEMTJBF6J&l=dataLayer&cx=c
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e5aa4447cea28e4346c50082ee26cf6bb07dcbc840c633684c3694efd2d9cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86565
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 May 2023 03:43:22 GMT
cachedClickId
tr.outbrain.com/ 		35 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00529a8e9e01c3bfad3c4bd7ec1ab148f6,00529a8e9e01c3bfad3c4bd7ec1ab148f6
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:22 GMT
X-TraceId
32d65fb46585b02450f522e160b6ec42
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=03062789374710273&referrer=&cht=gtm&marketerId=00529a8e9e01c3bfad3c4bd7ec1ab148f6&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:22 GMT
Cache-Control
no-cache
X-TraceId
c2115cfe6177b65928c52599ae9fd013
Content-Length
53
Content-Type
image/gif;
sid
mug.criteo.com/ Frame 7968
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=straitstimes.com&sn=ChromeSyncframe&so=0&topUrl=www.straitstimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=tlAOkHxpZ2JKd2NPRkUxbDZSUmFHRWNwd2FoUERRZVJjdnlUSlUwR0xFa2lDK2VTNFpvOWJvRmlGMXlzeG1jRWxselVEWlM0UGNTZTE2bmJYbW9TbGxUbTVhRzlzVlhvTHl0cTdyYUR2SlFhMUcxTnMwbUJGMWZBWGJkRl...
470 B
692 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tlAOkHxpZ2JKd2NPRkUxbDZSUmFHRWNwd2FoUERRZVJjdnlUSlUwR0xFa2lDK2VTNFpvOWJvRmlGMXlzeG1jRWxselVEWlM0UGNTZTE2bmJYbW9TbGxUbTVhRzlzVlhvTHl0cTdyYUR2SlFhMUcxTnMwbUJGMWZBWGJkRlZUUmFqRDA1YVhNS0JQeEp6bFhGMyt3ZWhZbE5lV0l0cXgraWxSWEwzeEhGckMxUHVpV1pSSW5ZaGR5Tk5iYjR2K1UzcS9ITzlvRUFpQUdYWlFRcFVkamZpVmNtM1VJWUNpR2o4Z0FGdW1YRkFPN3JOWjJTWW8zbHlxM0VndHE2VDQzcm9uSGRaWis4V2Q4WGZ3S0U1dU8vcDRuRWlzdz09fA&cppv=2
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d56c8213162d2acbbb5331abbec4e79915b9e91cd2d0f740f0ad0fc18576329a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1273499
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=tlAOkHxpZ2JKd2NPRkUxbDZSUmFHRWNwd2FoUERRZVJjdnlUSlUwR0xFa2lDK2VTNFpvOWJvRmlGMXlzeG1jRWxselVEWlM0UGNTZTE2bmJYbW9TbGxUbTVhRzlzVlhvTHl0cTdyYUR2SlFhMUcxTnMwbUJGMWZBWGJkRlZUUmFqRDA1YVhNS0JQeEp6bFhGMyt3ZWhZbE5lV0l0cXgraWxSWEwzeEhGckMxUHVpV1pSSW5ZaGR5Tk5iYjR2K1UzcS9ITzlvRUFpQUdYWlFRcFVkamZpVmNtM1VJWUNpR2o4Z0FGdW1YRkFPN3JOWjJTWW8zbHlxM0VndHE2VDQzcm9uSGRaWis4V2Q4WGZ3S0U1dU8vcDRuRWlzdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
327890
content-length
0
expires
0
login.html
static.mysph.sph.com.sg/mysph/standalone/ Frame E210
Redirect Chain
  • https://www.straitstimes.com/p/login.php
  • https://idp.mysph.sph.com.sg/app/sph_stwebsite_1/exk3u9w9qw54XJxYH4x7/sso/saml?SAMLRequest=fVLRbuMgEPwVi3cbbCfnGiWR0kan5tRroyY9tX2JMOAGnQ2Exefk70ucu1770D4gxLAzszvaCbC2sXTe%2BZ2%2Bl%2FtOgo8ObaOBDh9T...
  • https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4aa81f02ca2ccd50cf0617825c6f8b117d7b4cd47a717a1856c6d16a99bfa822

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50000
cache-control
max-age=86400,public
content-encoding
gzip
content-type
text/html
date
Thu, 18 May 2023 13:50:04 GMT
etag
W/"d67008a79f09c1753cf2804cc3504358"
last-modified
Thu, 18 May 2023 13:50:01 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id
d0JfsmWsU23S3B6ql-UbG4v2957CHae6aZw2pDsNdxxWRKkqmqqZ6Q==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
N93wtgwLd17OtfjM3vDcnKuRPImbRy90
x-cache
Hit from cloudfront

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Fri, 19 May 2023 03:43:22 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
content-security-policy-report-only
default-src 'self' sph.okta.com idp.mysph.sph.com.sg *.oktacdn.com; connect-src 'self' sph.okta.com sph-admin.okta.com idp.mysph.sph.com.sg *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com sph.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' sph.okta.com idp.mysph.sph.com.sg *.oktacdn.com; style-src 'unsafe-inline' 'self' sph.okta.com idp.mysph.sph.com.sg *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' sph.okta.com sph-admin.okta.com idp.mysph.sph.com.sg login.okta.com https://static.mysph.sph.com.sg; img-src 'self' sph.okta.com idp.mysph.sph.com.sg *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' sph.okta.com idp.mysph.sph.com.sg data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires
0
location
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
p3p
CP="HONK"
pragma
no-cache
x-okta-request-id
ZGbwWpfa8_lbcaoMbKU3xwAAAsY
x-rate-limit-limit
6000
x-rate-limit-remaining
4966
x-rate-limit-reset
1684467824
x-xss-protection
0
activation
cdp.activation.sph.com.sg/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdp.activation.sph.com.sg/api/activation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C79C) / SPH
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,x-api-key,access-control-allow-origin
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache
content-length
0
date
Fri, 19 May 2023 03:43:22 GMT
ec-rule-version
v0.386 v0.386
server
ECD (sgb/C79C)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
SPH
x-vmg-version
v0.386
x-xss-protection
1; mode=block
activation
cdp.activation.sph.com.sg/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdp.activation.sph.com.sg/api/activation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C7A5) / SPH
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,x-api-key,access-control-allow-origin
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache
content-length
0
date
Fri, 19 May 2023 03:43:22 GMT
ec-rule-version
v0.386 v0.386
server
ECD (sgb/C7A5)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
SPH
x-vmg-version
v0.386
x-xss-protection
1; mode=block
activation
cdp.activation.sph.com.sg/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdp.activation.sph.com.sg/api/activation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C7A5) / SPH
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,x-api-key,access-control-allow-origin
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache
content-length
0
date
Fri, 19 May 2023 03:43:22 GMT
ec-rule-version
v0.386 v0.386
server
ECD (sgb/C7A5)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
SPH
x-vmg-version
v0.386
x-xss-protection
1; mode=block
activation
cdp.activation.sph.com.sg/api/ 		121 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdp.activation.sph.com.sg/api/activation
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C79C) / SPH
Resource Hash
02360bb4eb2cb2037c092779b42eb4cbecb475c8804f7a68003e3155626fa932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
c9875acb-576c-44bb-9484-aafb59ace74c
Content-Type
application/json

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-vmg-version
v0.386
server
ECD (sgb/C79C)
x-powered-by
SPH
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache
x-frame-options
DENY
access-control-allow-headers
Content-Type,x-api-key,access-control-allow-origin
x-xss-protection
1; mode=block
ec-rule-version
v0.386, v0.386
activation
cdp.activation.sph.com.sg/api/ 		190 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdp.activation.sph.com.sg/api/activation
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C7A3) / SPH
Resource Hash
740518add6d4c2f45138d463d092a7ebc231cef093c6bbda093b375b13b82dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
c9875acb-576c-44bb-9484-aafb59ace74c
Content-Type
application/json

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-vmg-version
v0.386
server
ECD (sgb/C7A3)
x-powered-by
SPH
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache
x-frame-options
DENY
access-control-allow-headers
Content-Type,x-api-key,access-control-allow-origin
x-xss-protection
1; mode=block
ec-rule-version
v0.386, v0.386
activation
cdp.activation.sph.com.sg/api/ 		229 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdp.activation.sph.com.sg/api/activation
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.10 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C79C) / SPH
Resource Hash
dbcef22d5e1f6f1e1c4a07fc1d6c5c8548ba086279d77d4b4d9c14d8eb245f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
c9875acb-576c-44bb-9484-aafb59ace74c
Content-Type
application/json

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-vmg-version
v0.386
server
ECD (sgb/C79C)
x-powered-by
SPH
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache
x-frame-options
DENY
access-control-allow-headers
Content-Type,x-api-key,access-control-allow-origin
x-xss-protection
1; mode=block
ec-rule-version
v0.386, v0.386
audiences
api.permutive.com/audience-matching/v1/id/48c5b0bb-1ee3-4b69-90a0-a0acad390169/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/48c5b0bb-1ee3-4b69-90a0-a0acad390169/audiences?k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
facebook.js
static.addtoany.com/menu/svg/icons/ 		318 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons/facebook.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15363190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:36 GMT
server
cloudflare
etag
W/"13e-5edb43f5ee978"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
7c9955d52a8c903c-FRA
whatsapp.js
static.addtoany.com/menu/svg/icons/ 		1 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons/whatsapp.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1496406
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:39 GMT
server
cloudflare
etag
W/"471-5edb43f896478"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
7c9955d52a8e903c-FRA
twitter.js
static.addtoany.com/menu/svg/icons/ 		695 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons/twitter.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Origin
https://www.straitstimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
via
e2s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15363190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:39 GMT
server
cloudflare
etag
W/"2b7-5edb43f86f378"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
7c9955d52a8f903c-FRA
collect
tagweb.straitstimes.com/ 		35 B
393 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagweb.straitstimes.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.219.231 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C7A3) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
x-vmg-version
v10.5.33
server
ECD (sgb/C7A3)
content-type
image/gif
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-11908285-1&cid=1849208897.1684467802&jid=114487126&gjid=1148706264&_gid=1705824386.1684467802&_u=aGDAgEADQAAAAEAAII~&z=1185329671
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 19 May 2023 03:43:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
tagweb.straitstimes.com/g/ 		65 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tagweb.straitstimes.com/g/collect?v=2&tid=G-MQEMTJBF6J&gtm=45je35h0&_p=1629550037&_gaz=1&cid=1849208897.1684467802&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&_s=1&uid=&sid=1684467802&sct=1&seg=0&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&dt=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&richsstsse
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.219.231 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C7A8) /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
ECD (sgb/C7A8)
x-vmg-version
v10.5.33
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache
access-control-allow-credentials
true
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MQEMTJBF6J&cid=1849208897.1684467802&gtm=45je35h0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MQEMTJBF6J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MQEMTJBF6J&cid=1849208897.1684467802&gtm=45je35h0&aip=1&z=1162445731
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/4509449/domain/straitstimes.com/ 		36 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4509449/domain/straitstimes.com/token
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:45:06 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
3496
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-amz-cf-id
muM5OxOwuwx5xYy1ZtX4lDa-B35mIbV7mryNxtQuYW29eZACBWqTNQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-surv...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-surv...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4509449%26time%3D1684467802503%26url%3Dhttps%253A%252F%252Fwww.straitstimes.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-surv...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-sur...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJFS883moryHAAAAYgyGuMc4ezEhxgmjzuplW0wGkQGgWD8SRLvtNTReagygyl7hUPhAMkS
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F4490CD16E8B48CBBAAEC3053B7F3D49 Ref B: FRAEDGE1906 Ref C: 2023-05-19T03:43:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8A7kJUauF4o9s30G/Yg==

Redirect headers

date
Fri, 19 May 2023 03:43:22 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6BA83128CCD04E4A93B363860BD6FDED Ref B: FRAEDGE2022 Ref C: 2023-05-19T03:43:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4509449&time=1684467802503&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJFS883moryHAAAAYgyGuMc4ezEhxgmjzuplW0wGkQGgWD8SRLvtNTReagygyl7hUPhAMkS
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8A7kHESxkT/7zX/3mVA==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=straitstimes.com&p=%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&u=DHlK30BgrYkiDoQoJO&d=straitstimes.com&g=52075&g0=Singapore&g1=Nadine%2BChua&g4=article&n=1&f=00001&c=0&x=0&m=0&y=6144&o=2832&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&b=2059&t=CXaVOzCQHatLBQaEDYBRhoybJRAWT&V=139&i=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20&tz=0&_acct=anon&sn=1&sv=B5NogWCWAhxCDGpWdxBjKAlsBsmaqj&sd=1&im=067b0fff&_
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.50.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-50-152.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hPVnDiyjOfgmkgfW8RvJHmfiHov6oUlpS8nvLRM5eYbjShDJy9wjaeXabp2x+o+my/mel2YVY7Ud72070z9K9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
482635362449466
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/482635362449466?v=2.9.104&r=stable
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ba471155394698e870cc9c9d0c8ec744d014fa45341610f179222f59f8a01bf
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87963
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UfW7hQ0jq6ggDn8H5v7QAPj0u/of9EiMs6TSAOCqZoqyRruabJ9wnJiiEMC7PaNyt9PZNFKVi99JJGqeDDQFqg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
tp.gif
1684467802528bdf94ceb08543450737941e2aa1e7646dac90ec9179.trk.sensic.net/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1684467802528bdf94ceb08543450737941e2aa1e7646dac90ec9179.trk.sensic.net/tp.gif?m=StraitstimesWeb&r=www.straitstimes.com&p=sg2&instanceid=1684467802528BDF94CEB08543450737941E2AA1E7646DAC90EC9179&redirect=manual
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d014:5d3:cea0:34bd:20cd:7c62:c2d5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
server
nginx/1.22.0
x-powered-by
Express
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
expires
Wed, 21 Oct 2015 07:28:00 GMT
3pc.html
sg-config.sensic.net/ Frame EC4F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sg-config.sensic.net/3pc.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c2b6d0208ffafae5afbf007859e6c4174aa9b08f5516259cb298e1042fa0e2b

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
535485
cache-control
max-age=604800
content-encoding
gzip
content-length
1980
content-type
text/html
date
Fri, 12 May 2023 22:58:38 GMT
etag
"53746d21dc21327904b7df70dd2b8d35"
last-modified
Thu, 09 Mar 2023 15:55:42 GMT
server
AmazonS3
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-id
p0XP89w19sQfgyhcsiico83LljTW3u_BRb8LuvE6osFUuaFK0mmYtw==
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
_iJWDk9KREdHXo.7vweHqbDPt5wzULpN
x-cache
Hit from cloudfront
/
sg2-s2s.sensic.net/ 		0
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sg2-s2s.sensic.net/
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.157.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-157-165.eu-central-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:22 GMT
server
nginx/1.22.0
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 03:43:22 GMT
date
Fri, 19 May 2023 03:43:22 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-11908285-1&cid=1849208897.1684467802&jid=114487126&_u=aGDAgEADQAAAAEAAII~&z=1112498305
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-11908285-1&cid=1849208897.1684467802&jid=114487126&_u=aGDAgEADQAAAAEAAII~&z=1112498305
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
97024697.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97024697.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
9763e233a2086a90b3f9f20fe2d0c254b77015b4aa7f0c25bf9d0b766dbf375c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 19 May 2023 03:43:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3B8C8CB338DD45719E956793B6B9E039 Ref B: FRAEDGE1421 Ref C: 2023-05-19T03:43:22Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
content-length
1497
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97024697&tm=gtm002&Ver=2&mid=393f2285-7b62-4be1-bd1d-26de8869631a&sid=4d936cd0f5f711ed97ae7501f6684a52&vid=4d937700f5f711ed9cad797c700f270a&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&p=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&r=&lt=1732&evt=pageLoad&sv=1&rn=560645
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 03:43:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C74E5C8FE1BC4999B9DD8D03502EC7C2 Ref B: FRAEDGE1421 Ref C: 2023-05-19T03:43:22Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.straitstimes.com
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.straitstimes.com
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		829 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=314366816052922&correlator=2824916042166448&eid=31072019%2C31074723%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=5908%2Cst%2Cprestitial%2Csingapore&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2712181578&didk=2636367866&sfv=1-0-40&prev_scp=pos%3Dprestitial%26stprint%3DOff%26weight%3D1&eri=1&cust_params=permutive%3D%26puid%3D%26ptime%3D1684467801768%26prmtvvid%3Dd39c11d7-2d73-463e-9fc5-f83b6c46490a%26prmtvwid%3D5f876161-9740-4cc8-9b64-4585990b2690%26bs%3DN%26webview%3DN%26impression_split%3D15%26skinver%3D2%26suid%3Da4ac49ff02dd406cabff56062ba5d9ea%26inskin_yes%3Dtrue%26firstvisit%3Dtrue%26page%3Darticle%26topoverlay_request%3D1%26gs_channels%3Dgv_crime%252Cgb_spam_edu%252Cgs_tech_compute%252Cgb_spam_news-ent%252Cgs_tech_computing%252Cgs_fooddrink_non-alcoholic%252Cgs_fooddrink%252Cgb_crime_edu%252Cgs_tech_consumer%252Cgs_tech_consumer_smartphone%252Cgs_tech_phones%252Cnoi_itoe%252Cgs_tech_compute_apps%252Ccustom_mcd_exclusion%252Cgs_tech_compute_net%252Cgs_tech_compute_apps_antivir%252Cgs_food%252Cnoi_banking%252Cgs_finance%252Cgs_finance_banking%252Cgs_fooddrink_coffeetea%252Cgs_personalfin%252Cgs_personalfin_utility%252Cgs_personalfin_utility_phone%252Cgs_tech_compute_net_webdev%252Cgs_law%252Cgs_tech_compute_apps_os%252Cgs_society%252Cgs_society_misc%252Cgs_busfin_indus_media%252Cgs_busfin%252Cgs_busfin_indus%252Ccustom_sia_exclusion%252Cgs_food_drink%252Cgs_science_misc%252Cgs_tech_compute_apps_browser%252Cnoi_retail%252Cgs_shopping_misc%252Cgs_shopping%26paywall_hit%3Dno%26starticleid%3D1126591%26sttags%3Dscams%252Ccrime%252Cocbc%26sph_bs%3Dno_category%26subscriber%3DN&sc=1&cookie_enabled=1&abxe=1&dt=1684467802614&lmt=1684467747&dlt=1684467800676&idt=439&adxs=450&adys=116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&frm=20&vis=1&psz=700x0&msz=700x0&fws=4&ohw=1600&ga_vid=1849208897.1684467802&ga_sid=1684467803&ga_hid=1629550037&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGPS965CDMUgAUgIIZA..
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e683cc12b13d657d9bf03f67c84e09643e8ef6f905fe3b737be2fcd9a8e0ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
461
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=314366816052922&correlator=2824916042166448&eid=31072019%2C31074723%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=5908%2Cst%2Clb1%2Csingapore&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=2&adks=3096957225&didk=253345261&sfv=1-0-40&prev_scp=pos%3D1%26stprint%3DOff%26weight%3D1&eri=1&cust_params=permutive%3D%26puid%3D%26ptime%3D1684467801768%26prmtvvid%3Dd39c11d7-2d73-463e-9fc5-f83b6c46490a%26prmtvwid%3D5f876161-9740-4cc8-9b64-4585990b2690%26bs%3DN%26webview%3DN%26impression_split%3D15%26skinver%3D2%26suid%3Da4ac49ff02dd406cabff56062ba5d9ea%26inskin_yes%3Dtrue%26firstvisit%3Dtrue%26page%3Darticle%26topoverlay_request%3D1%26gs_channels%3Dgv_crime%252Cgb_spam_edu%252Cgs_tech_compute%252Cgb_spam_news-ent%252Cgs_tech_computing%252Cgs_fooddrink_non-alcoholic%252Cgs_fooddrink%252Cgb_crime_edu%252Cgs_tech_consumer%252Cgs_tech_consumer_smartphone%252Cgs_tech_phones%252Cnoi_itoe%252Cgs_tech_compute_apps%252Ccustom_mcd_exclusion%252Cgs_tech_compute_net%252Cgs_tech_compute_apps_antivir%252Cgs_food%252Cnoi_banking%252Cgs_finance%252Cgs_finance_banking%252Cgs_fooddrink_coffeetea%252Cgs_personalfin%252Cgs_personalfin_utility%252Cgs_personalfin_utility_phone%252Cgs_tech_compute_net_webdev%252Cgs_law%252Cgs_tech_compute_apps_os%252Cgs_society%252Cgs_society_misc%252Cgs_busfin_indus_media%252Cgs_busfin%252Cgs_busfin_indus%252Ccustom_sia_exclusion%252Cgs_food_drink%252Cgs_science_misc%252Cgs_tech_compute_apps_browser%252Cnoi_retail%252Cgs_shopping_misc%252Cgs_shopping%26paywall_hit%3Dno%26starticleid%3D1126591%26sttags%3Dscams%252Ccrime%252Cocbc%26sph_bs%3Dno_category%26subscriber%3DN&sc=1&cookie_enabled=1&abxe=1&dt=1684467802624&lmt=1684467747&dlt=1684467800676&idt=439&adxs=95&adys=68&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&frm=20&vis=1&psz=1410x0&msz=1410x0&fws=4&ohw=1600&ga_vid=1849208897.1684467802&ga_sid=1684467803&ga_hid=1629550037&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGPS965CDMUgAUgIIZA..
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b65371560c43733fcb5bb2a71614bfb047e7387f5411dc7ec3c1976b14e197c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11939
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2BCA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 03:43:22 GMT
expires
Sat, 18 May 2024 03:43:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/994576315/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994576315/?random=1684467802290&cv=11&fst=1684465200000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&frm=0&tiba=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&fmt=3&is_vtc=1&random=2521565039&rmt_tld=0&ipr=y
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/994576315/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/994576315/?random=1684467802290&cv=11&fst=1684465200000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&frm=0&tiba=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&fmt=3&is_vtc=1&random=2521565039&rmt_tld=1&ipr=y
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10191792.json
s.yimg.com/wi/config/ 		2 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10191792.json
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:14:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
P577X6PXZPPNVS7X
age
1719
content-length
2
x-amz-id-2
YXqN/vvSBAzwsOJWJG9ika2QU/z8V+D1dGrM1grsFptiJM72LTO7HzXEale0II894ixGriTrw6g=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
get
mv.outbrain.com/Multivac/api/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&idx=0&rand=17021&widgetJSId=AR_6&va=true&et=true&format=html&px=191&py=5678&vpd=4478&cw=1225&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010307&sig=eP0p0eX9&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dad6e54abb88acf845729b6527bebc5141f14891b4c34c96507ddd314baaba4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1684467803.695460,VS0,VE103
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21942-LGA, cache-fra-etou8220088-FRA
x-traceid
bb9bd7cf639e17f897a73d7eb9dbc392
accept-ranges
bytes
content-length
2869
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
fc-id.sensic.net/ 		56 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fc-id.sensic.net/
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.115.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-115-184.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
be09178102a8d4a6a61ffad3e47beb74ebcea16902c8b753f5cd15aade212291

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:22 GMT
cache-control
private, max-age=63072000
server
awselb/2.0
content-length
56
content-type
application/octet-stream
3863165310419999
connect.facebook.net/signals/config/ 		376 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3863165310419999?v=2.9.104&r=stable
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
010b53f7b538cbef07714dcb22bc9d39885f256afe2aabf9d052ea176993f018
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
109851
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pycLgeE7EnDMWg43vR04dvQjxDLc9eglE/c+eq5nISw9AOh5KNDoXfYTYn2wkJ3knKMKdZWAY4I0Yi7DVUeBTA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=482635362449466&ev=PageView&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&rl=&if=false&ts=1684467802672&cd[ST_VisitCat]=Anonymous&cd[ST_ConCat]=free&cd[ST_ConType]=article&cd[ST_Lvl2]=News&cd[ST_Chapter1]=Singapore&cd[ST_Chapter2]=&cd[ST_Chapter3]=&cd[ST_ArtID]=1126591&cd[ST_CDKW]=Scams%2CCrime%2COCBC&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1684467802671.572614388&it=1684467802525&coo=false&eid=1684468657741_16844682730818&tm=1&rqm=GET
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:22 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
97024697
www.clarity.ms/tag/uet/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97024697
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9d006e53659f8ac11b179372ebf534151d5869944ac364707875d9cd996c964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 19 May 2023 03:43:21 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0WvBmZAAAAACGwtTeWd4JQobc01UEL4s1RlJBMzFFREdFMDkxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2019%20May%202023%2003%3A43%3A22%20GMT&n=0&b=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&.yp=10191792&f=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&enc=UTF-8&yv=1.14.0&tagmgr=gtm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 19 May 2023 03:43:22 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3863165310419999&ev=PageView&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&rl=&if=false&ts=1684467802717&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1684467802671.572614388&cs_est=true&it=1684467802525&coo=false&eid=1684468657741_16844682730818&tm=1&rqm=GET
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=482635362449466&ev=ViewContent&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&rl=&if=false&ts=1684467802718&cd[ST_VisitCat]=Anonymous&cd[ST_ConCat]=free&cd[ST_ConType]=article&cd[ST_Lvl2]=News&cd[ST_Chapter1]=Singapore&cd[ST_Chapter2]=&cd[ST_Chapter3]=&cd[ST_ArtID]=1126591&cd[ST_CDKW]=Scams%2CCrime%2COCBC&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1684467802671.572614388&it=1684467802525&coo=false&eid=fb-1684468657741_16844682730818&tm=1&rqm=GET
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3863165310419999&ev=ViewContent&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&rl=&if=false&ts=1684467802720&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1684467802671.572614388&it=1684467802525&coo=false&eid=fb-1684468657741_16844682730818&tm=1&rqm=GET
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 May 2023 03:43:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e40674ea98651a99c6c028591814dd29_5314_1684467802750&tm=260&eT=6&wRV=2010307&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 May 2023 03:43:23 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
33c9f00be94d4e8332a4b93c70eafd48
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
skyLander.js
widgets.outbrain.com/nanoWidget/2010307/module/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010307/module/skyLander.js?e=1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
558be362efdb18c56469da6e6a698af5c87d85ba12bfe659e1dd04cfd25d9d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
content-length
1221
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"2542fc5d566bce1b75315257ad502c76:1684334605.482735"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 26 May 2023 03:43:22 GMT
get
mv.outbrain.com/Multivac/api/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&idx=1&rand=94010&widgetJSId=AR_4&va=true&et=true&format=html&t=ODJhNWVjMTk1ZjA5ODY1ZDZjM2Y5NWJiMDY5YTUzNDA=&px=191&py=5678&vpd=4478&cw=1225&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010307&sig=eP0p0eX9&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1799233cf6f93c43add84e5e88214de28ed99ced16b99808501cc8b8df86657c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1684467803.814407,VS0,VE234
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21943-LGA, cache-fra-etou8220088-FRA
x-traceid
0c01d35fe882923f050dadf2f4bc8bb2
accept-ranges
bytes
content-length
22955
expires
Thu, 01 Jan 1970 00:00:00 GMT
preview.html
cdp.sph.com.sg/creatives/311/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdp.sph.com.sg/creatives/311/preview.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-api-key
Access-Control-Request-Method
GET
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin, content-type, x-api-key
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
max-age=60
content-length
0
date
Fri, 19 May 2023 03:43:24 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-id
kBbkP4tLGtcUyaCF8fwdS5M1PhKVO_8-XWlHpDycpjM2fHAHZG0Fqw==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
record
streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/record
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.221.242 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-221-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
PUT
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
access-control-allow-methods
OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-max-age
7200
content-length
0
content-type
application/json
date
Fri, 19 May 2023 03:43:22 GMT
x-amz-apigw-id
FJp-QFsTSQ0Ff0A=
x-amzn-requestid
b4169ff1-6ad3-487c-b405-b6f97274389a
preview.html
cdp.sph.com.sg/creatives/311/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdp.sph.com.sg/creatives/311/preview.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b00b23eca5aad09eabe59388bb88adea48a637a6a6f23a57a879a7bc8700cab

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
c9875acb-576c-44bb-9484-aafb59ace74c
Content-Type
application/json

Response headers

date
Thu, 18 May 2023 19:16:54 GMT
content-encoding
gzip
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
30415
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 25 Apr 2023 08:13:33 GMT
server
AmazonS3
etag
W/"d5242b3091669f303c311d30b1ceecf8"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
5-rAfeDXD8eJ_qYP4YfmL1eEBqK6anbSTElfq1E4c0w8HBVwCPs1bQ==
record
streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/ 		133 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/record
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.221.242 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-221-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a25d00b46e872006af98081d9df23c014f8b56c77751c717434656a3201e4fd0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
mFMvosA2jy4WPCSGv2VbE3Uo2r2NZH5r5OOQtwki
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
x-amzn-trace-id
Root=1-6466f05b-6ef73b882fd0f92b60e8c679
x-amzn-requestid
29842b89-c9da-454a-ad07-a3eca88908cd
content-length
133
x-amz-apigw-id
FJp-SETYSQ0Fr3w=
content-type
application/json
preview.html
cdp.sph.com.sg/creatives/390/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdp.sph.com.sg/creatives/390/preview.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-api-key
Access-Control-Request-Method
GET
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin, content-type, x-api-key
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
max-age=60
content-length
0
date
Fri, 19 May 2023 03:43:24 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-id
k4aXyRAsNxfZLJVF5_Uvos-H2XqHbTi2U9IWSxDZ85qLWtLdjrXSpw==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
record
streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/record
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.221.242 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-221-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
PUT
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
access-control-allow-methods
OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-max-age
7200
content-length
0
content-type
application/json
date
Fri, 19 May 2023 03:43:22 GMT
x-amz-apigw-id
FJp-QHsFyQ0Fevw=
x-amzn-requestid
8f90a9f4-dca2-4789-b078-64780856d5a0
preview.html
cdp.sph.com.sg/creatives/390/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdp.sph.com.sg/creatives/390/preview.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a12108fd552e85ce752da1238b1a3306b963abb47147d7109779cfd2711f8090

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
c9875acb-576c-44bb-9484-aafb59ace74c
Content-Type
application/json

Response headers

date
Thu, 18 May 2023 05:49:18 GMT
content-encoding
gzip
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
79985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 24 Apr 2023 01:53:44 GMT
server
AmazonS3
etag
W/"d3314503a09ee0c360895865afce76b2"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
eAetgZlyOiPpv0GTi7kqmbt0spB8CK0zsNpWnLT41ft_2rvmrWN7pw==
record
streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/ 		133 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streams.cablecar.sph.com.sg/streams/cablecar-prd-eas-campaign/record
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.221.242 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-221-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
fe596f02df4d439b669462e19c03060e675c1ba95f4152faf5088b63e63aadd2

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-api-key
mFMvosA2jy4WPCSGv2VbE3Uo2r2NZH5r5OOQtwki
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
x-amzn-trace-id
Root=1-6466f05b-4b3e57897cdc277e686e7ce5
x-amzn-requestid
46c921a2-980c-4cc7-bd91-6a390bd16fd1
content-length
133
x-amz-apigw-id
FJp-SHuNSQ0FZcA=
content-type
application/json
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:21 GMT
content-encoding
br
last-modified
Wed, 17 May 2023 12:35:47 GMT
x-azure-ref-originshield
0K55mZAAAAACYQChILnaST6ytT9C36YO2RlJBMjMxMDUwNDE4MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DB56D33D664056"
x-azure-ref
0WvBmZAAAAADm7Ij0FPk5TqsYwIcUIjMgRlJBMzFFREdFMDkxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
fcff8a57-c01e-0049-25a6-896c30000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
container.html
308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF3C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 03:43:22 GMT
expires
Sat, 18 May 2024 03:43:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
tagweb.straitstimes.com/g/ 		65 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tagweb.straitstimes.com/g/collect?v=2&tid=G-MQEMTJBF6J&gtm=45je35h0&_p=1629550037&cid=1849208897.1684467802&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&uid=&sid=1684467802&sct=1&seg=0&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&dt=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&_s=2&richsstsse
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.219.231 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C79B) /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
ECD (sgb/C79B)
x-vmg-version
v10.5.33
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache
access-control-allow-credentials
true
adview
securepubads.g.doubleclick.net/pagead/ Frame DF3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cge80WvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNUCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLEe6TeMmMpmx92mD4-VMbBE_7gxbhrhnfiiLWkuUo8zu9WnVs29rgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAyNDU1MTY2ODExNDAyMRiuiBA&sigh=JTmfe8djxhM&uach_m=[UACH]&cid=CAQSOwBygQiDjM02glOKJAsZkEoOvjGXE6ydL6wKn8UinKob0IAxgCJNQs_HJpnq9RDx7vfyAji_idQ2e2T3GAE
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame DF3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k8LwCuv_CsoH-gGdg2ICAgAAAJfYnHapFZ3YMrTnMQk5jtsQWvBmZClg7VH-Jhq8vHsAABIAAAoKQVFVQkFRRUJBUQ&wp=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
186208
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame AF1A 		137 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Requested by
Host: 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
URL: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eb50b24effed4f45a917beb65822fdc3a52f03b97e83faf18f7d7c308f6d5d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 03:43:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gs5l08OhFMgAizHu5V5vPM1me-FCwMa89wlcJSyq08RwaJnJBqWZrAKOmO9Aqu2hFLIhB4dx23t88sahKDBJb2rn24ZOw2ip5Zf-ZqiKCg6EX-dNdpNgqCar2AnKLcp_nURgtAfbODNQeAazd-SADDoYKVhbCGxBqp_OPMFEXQ7fZb5-xO6sgzfAzPstmLgSNneEvAh23HRuGQx5UXP1D0oyfeCEJD4aUM6pguqu3ZzYXuExB85bH--1AvQNWCEzMsezmw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59157937
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame DF3C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js
Requested by
Host: 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
URL: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 16:44:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
39529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 16:44:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame DF3C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
URL: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 16:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
39558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 16:44:05 GMT
l
www.google.com/ads/measurement/ Frame DF3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrXUgfI14LFUsWeZPjcD8xHvGO__44zHc2LkCzAYK1szZbLXbMEpDcmSwNGPAl33hw7buq
Requested by
Host: 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
URL: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DF3C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
URL: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
498194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 12 May 2024 09:20:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF3C 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
URL: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 03:43:22 GMT
/
highway.cablecar.sph.com.sg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://highway.cablecar.sph.com.sg/?api-key=xAKXBzNmErQO6OVuChS4K2CHT2ppmyL0u6ugVI3Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.136.47 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-136-47.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
FJp-WjeTyQ0EPQA=
date
Fri, 19 May 2023 03:43:23 GMT
/
highway.cablecar.sph.com.sg/ 		345 B
465 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://highway.cablecar.sph.com.sg/?api-key=xAKXBzNmErQO6OVuChS4K2CHT2ppmyL0u6ugVI3Q
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.136.47 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-136-47.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1512463f897701d87d766364949a223110d89965798bbce1e42e816a2dba3b47

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
content-length
345
apigw-requestid
FJp-YiL4SQ0EPng=
content-type
application/json
collect
e.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.straitstimes.com
Date
Fri, 19 May 2023 03:43:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
jquery-2.1.4.min.js
code.jquery.com/ Frame E210 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.1.4.min.js
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14979"
vary
Accept-Encoding
x-hw
1684467803.dop134.am5.t,1684467803.cds293.am5.hn,1684467803.cds310.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29519
jquery-ui.min.js
code.jquery.com/ui/1.11.4/ Frame E210 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-3ab2b"
vary
Accept-Encoding
x-hw
1684467803.dop134.am5.t,1684467803.cds293.am5.hn,1684467803.cds317.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
64296
bootstrap_3.3.7.min.js
static.mysph.sph.com.sg/mysph/js/ Frame E210 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/js/bootstrap_3.3.7.min.js
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
D.9bqT02miovzpOdYfPDJ6821ndpJlzv
content-encoding
gzip
last-modified
Thu, 18 May 2023 13:49:58 GMT
server
AmazonS3
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"5869c96cc8f19086aee625d670d741f9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800,public
age
49999
x-amz-cf-id
ycpUYo_CF_j0gXDGgEhclecKi-F09v4Hko4uGUaJXTRg2Bh20OWogA==
bootstrap_3.3.7.min.css
static.mysph.sph.com.sg/mysph/css/ Frame E210 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/css/bootstrap_3.3.7.min.css
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
0gU_vnh7XBwoXNPq.5fbyIuFFQD1U5JY
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 05:23:44 GMT
server
AmazonS3
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"ec3bb52a00e176a7181d454dffaea219"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800,public
age
49999
x-amz-cf-id
B1sJ4ioPPU8T2adTIPhYq53_FYWYUi8GVQ8CV09j5ouHVVisv6CcCg==
css2
fonts.googleapis.com/ Frame E210 		5 KB
857 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400&family=Source+Sans+Pro
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6edd1305e3bac47dd228c138f40f08592b59456e87a3eb807f1d32411f5a3c63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:36:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:23 GMT
sanitize-url.min.js
static.mysph.sph.com.sg/mysph/js/ Frame E210 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/js/sanitize-url.min.js
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d0cfea83d1380b73b5dd7fe9f798c27ddc2d86ed9c3c92aab786b8c9d0eefdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
cw0o5givkrGNR6ii8OCpnNICVFx5gGlK
content-encoding
gzip
last-modified
Thu, 18 May 2023 13:49:58 GMT
server
AmazonS3
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"033de0fedbf34a851138a6d287f5d8e7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800,public
age
49999
x-amz-cf-id
c-pJBXVtHKRw-QCFWhXOEsy5ESh1jHuqzdo4i_t740G3OnEitrGRwA==
signin-icon.svg
static.mysph.sph.com.sg/mysph/standalone/images/ Frame E210 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mysph.sph.com.sg/mysph/standalone/images/signin-icon.svg
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f877667492742685fcd6308b52ac5d24d784385f05947e4c25cc04b12ac3b649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
wDialFnCMg8rXuvZBsCLenUajYpEu6aY
content-encoding
gzip
last-modified
Thu, 18 May 2023 13:50:01 GMT
server
AmazonS3
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"51a5f6d5c6de29633415d69009a81469"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400,public
age
50000
x-amz-cf-id
dxEFxzH99QYWMWSKp8BpcjRqalu8IsxfcHNdhufj-qIM063uOpPsbA==
secured.svg
static.mysph.sph.com.sg/mysph/standalone/images/ Frame E210 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mysph.sph.com.sg/mysph/standalone/images/secured.svg
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4814499c0a1669451297c93c6340da87dfb284aad67a38d8ace7e20536b172ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
yKESvgzrcKxRLAx4BUdjb.Sv2pUqR2MU
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Thu, 18 May 2023 13:50:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
50000
etag
"03f44c957fd805c120d4d6b4cb351454"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
946
x-amz-cf-id
42uNAbvZ_ML6ssqWe11XO2onAIuBB7V-xj0LfSXd1rUzPGtuKOa3EQ==
union.svg
static.mysph.sph.com.sg/mysph/standalone/images/ Frame E210 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mysph.sph.com.sg/mysph/standalone/images/union.svg
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b76bfda032399c16e9c0ff8109454981539e83d70b48a1c1fe58e8e4d03c8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
RyFA3PoZM6Uu89_QU_K6dIQIe5MzaVTo
content-encoding
gzip
last-modified
Thu, 18 May 2023 13:50:01 GMT
server
AmazonS3
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"9682be24d3a3fb31278628fc8b3ad4fb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400,public
age
50000
x-amz-cf-id
K3_mw_CAMsoyrRj1BLZGNaduyunEhcXfDZ2SzB9-orPjZudcvzK35Q==
photonico.svg
static.mysph.sph.com.sg/mysph/standalone/images/ Frame E210 		51 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mysph.sph.com.sg/mysph/standalone/images/photonico.svg
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19bc8d0d045b7cd7c17ea5c5419a01f6fc82c075cfd69ef3592938d3587b0236

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
x-amz-version-id
aIys6rNgJgPVkVJZQbtDv4vCxyUmCMrc
content-encoding
gzip
last-modified
Thu, 18 May 2023 13:50:01 GMT
server
AmazonS3
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"71b62a7b904b1dca2fab551d1c9421a9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400,public
age
50000
x-amz-cf-id
nGHnt6XJ5vKZUaal6koWpWWM24LjFugYTz_ftnntsRnpjn_xKeyu9A==
mySPHIdentityLightbox.js
static.mysph.sph.com.sg/mysph/js/ Frame E210 		1 MB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/js/mySPHIdentityLightbox.js
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09c1fbd26a103bcde83f7a2d50005610cd877ab42f0b38238cf935fa11082564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:04 GMT
content-encoding
gzip
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id
IYVNeS3CnKqMzuwY9WTkDXSnOR_Qlfrl
x-amz-cf-pop
FRA53-C1
age
50000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
310092
last-modified
Thu, 18 May 2023 13:49:59 GMT
server
AmazonS3
etag
"eba67cd1b2801900af760e6f1952dab2"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400,public
accept-ranges
bytes
x-amz-cf-id
QNJEZxzzA2Wc2CbdXNBIAhR4iW_rJ0GCek7ugYwthWHnpjUg-bY6qw==
id
sg2-s2s.sensic.net/ 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sg2-s2s.sensic.net/id
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.157.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-157-165.eu-central-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
server
nginx/1.22.0
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 03:43:23 GMT
date
Fri, 19 May 2023 03:43:23 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 03:43:23 GMT
date
Fri, 19 May 2023 03:43:23 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
e47e45d91bdcaf94cc08dfe3053cfa404d.png
zem.outbrainimg.com/p/srv/sha/06/a9/e5/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/06/a9/e5/e47e45d91bdcaf94cc08dfe3053cfa404d.png?w=645&h=430&fit=crop&crop=center&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
86af9cce24e84b8f68cb81e4590a47e5622a219c37279bb11ff63184e18e8621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
689379
x-cache
MISS, MISS, HIT
x-imgix-id
a6fda5408e12d2edea03d09b1499911353b73e34
cross-origin-resource-policy
cross-origin
content-length
40207
x-served-by
cache-sjc10034-SJC, cache-fra-eddf8230106-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.8776
last-modified
Thu, 11 May 2023 04:13:43 GMT
server
imgix
x-timer
S1684467803.092799,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
disclosure.png
widgets.outbrain.com/external/vendors/ 		476 B
816 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/external/vendors/disclosure.png
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 03:43:23 GMT
date
Fri, 19 May 2023 03:43:23 GMT
last-modified
Tue, 02 May 2023 12:30:00 GMT
server
AkamaiNetStorage
etag
"4d39e26ad7c27bebbc022d353bf4bbb6:1683030825.468721"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
476
access-control-request-headers
X-OB-STG,X-OB-PRD
386c276807b091b94183ee8058939fb36d.png
zem.outbrainimg.com/p/srv/sha/cf/a1/0b/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/cf/a1/0b/386c276807b091b94183ee8058939fb36d.png?w=645&h=430&fit=crop&crop=faces&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
2d836b48dc4468c61264e5937be0c1f6bc6916e3bba1e5d21fda5172a534f273
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
38585
x-cache
MISS, MISS, HIT
x-imgix-id
ad26389d6365407b463572cf017cd218b4c226f9
cross-origin-resource-policy
cross-origin
content-length
37215
x-served-by
cache-sjc1000125-SJC, cache-fra-etou8220084-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.16968
last-modified
Thu, 18 May 2023 17:00:17 GMT
server
imgix
x-timer
S1684467803.092903,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
268f0c4eb0811def259a5f24a70ef21c81.png
zem.outbrainimg.com/p/srv/sha/6b/76/f1/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/6b/76/f1/268f0c4eb0811def259a5f24a70ef21c81.png?w=645&h=430&fit=crop&crop=faces&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c93ba303e30e12617659360ef2a845c6555eb63869437a7e8abd5b4da66cc2fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS, MISS
x-imgix-id
aa3192298ddd72c4e360f8ca63c841f3c9944a57
cross-origin-resource-policy
cross-origin
content-length
27746
x-served-by
cache-sjc10044-SJC, cache-fra-etou8220058-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.17480
last-modified
Fri, 19 May 2023 03:43:23 GMT
server
imgix
x-timer
S1684467803.092917,VS0,VE299
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=04497ea8ec75f92914382faa44b688e9_5314_1684467802986&tm=520&eT=0&widgetWidth=1200&widgetHeight=457&widgetX=204&widgetY=5929&wRV=2010307&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=248&oo=true&lo=1887&obreq=1867&mvreq=2357&mvres=2605&cet=4g&to=1684467800454.9&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 May 2023 03:43:23 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
e34455cf69363dc3abb479bb4f5bd642
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4488 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame FBBF 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CCB1 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2AA0 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3926 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2386 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 545B 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 402A 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CC63 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
get
mv.outbrain.com/Multivac/api/ 		138 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&widgetJSId=AR_4&version=2010307&apv=true&sig=eP0p0eX9&format=html&rand=93833&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ODJhNWVjMTk1ZjA5ODY1ZDZjM2Y5NWJiMDY5YTUzNDA=&winW=1600&winH=1200&secured=true&feedIdx=1&lastIdx=1&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1200&ogn=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&rw=CR_1&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&chs=1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d21c450cb3b0efa2abcbe6f5c7842072b1928dd316b7579d2aae29bf8ba6ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1684467803.119563,VS0,VE524
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21964-LGA, cache-fra-etou8220088-FRA
x-traceid
d9d47ff3f0eb6bd4c670e1161cc927be
accept-ranges
bytes
content-length
44469
expires
Thu, 01 Jan 1970 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame AF1A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame AF1A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AF1A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 May 2024 03:43:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame AF1A 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 13 May 2024 03:43:23 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame AF1A 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=FQShxnqv4PHeWXrNdYcIRN13S-ENI5LY4Sm-EvSkJ3siizrVBDvImXFtrUwR8_ne37JUZNVdmyG3AS3ORNRqANcFhZooibr-U0NeRt_raSrk6k40YyOIV_zUPotS-eJPHC5ielp15oTPxFaZFoH2ecur5a-7kU6Da5xIBuuRu7pnKKwwsIbDSfkvqGY-N07kKWbM-0qRPHZSAvNfrn0343k-W1aMt-2aW8kcCz-6Ohp-_T1j8qzhzXT0LaEfb8R_1TDEig7XTT3f-MOV3zWnhtXKP483DW_Y8BJJfTpvzIpH1mrIsCpgk1l8BGMw814UwSFRVgZc_mWuaYYCqYQ4_wyMf92dUM4q4RtNWBdwNwU4vi7_oPTcwuMs4DbvjLBt7Pola5ADBJTNJRdWNv5kFdRtzu47P1FnQv3IXXjgztICuqRV
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2645326
expires
Mon, 26 Jul 1997 05:00:00 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4488 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame FBBF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CCB1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2AA0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3926 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2386 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 545B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 402A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AF1A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1248301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvkep%2BCE%2FrtyYUfyg%2FGya5Efal2bnVdk%2BXNvOcFSmXSsiv2JaMhITK9Bi7pGOEmlAH%2Fitkxq4tyAxc%2BChG1wBm3g9CMOekS1zAbPh9uRPUm%2FE0vLvNgkHylLBPwwcrmaZTHApebAYb6doKmnOWEp%2BwyO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c9955d9f9633615-FRA
expires
Wed, 08 May 2024 03:43:23 GMT
animejs.js
static.criteo.net/animejs/ Frame AF1A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CC63 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame AF1A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=3455&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3455%2F210331%2F6d4c617ae012456da1cfa367ffefe967_logo.png&v=3&w=356&s=WLeuLt6WMNBiSq5-1Yt9xSij
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
984c46aa2e2bc3a4a14b9ddaa0049d0e71f82e2def62a5237ae045bf4db37c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
5855
expires
Mon, 15 Apr 2024 11:06:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame AF1A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_92335-67965_99600_110.jpg&v=3&w=400&s=uGVMQjmJ7GpuwbGmrpYGmyG0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8b7f0fbfbfac0e45aed6208c282b7701b93715cf4e99651b96990a121f2e573d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
5752
expires
Wed, 24 May 2023 13:10:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame AF1A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_822022-66908_835004_110.jpg&v=3&w=400&s=iIN-kl-NeFI6lByYx0g-ipAn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e127811a1d27e2186da7a3442dcbab38fa07f6c5b4de27c459224cd34b370080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
5248
expires
Wed, 24 May 2023 14:45:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame AF1A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_180053-31283_60702_110.jpg&v=3&w=400&s=pnPYKY_THj1Fm1etPboDaxWC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d7afc09dfd831ce7a020464b9a6d493ceba99b9808deae5dde80355f91df0894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
4790
expires
Mon, 22 May 2023 09:54:58 GMT
all
csm.eu.criteo.net/ Frame AF1A 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gs5l08OhFMgAizHu5V5vPM1me-FCwMa89wlcJSyq08RwaJnJBqWZrAKOmO9Aqu2hFLIhB4dx23t88sahKDBJb2rn24ZOw2ip5Zf-ZqiKCg6EX-dNdpNgqCar2AnKLcp_nURgtAfbODNQeAazd-SADDoYKVhbCGxBqp_OPMFEXQ7fZb5-xO6sgzfAzPstmLgSNneEvAh23HRuGQx5UXP1D0oyfeCEJD4aUM6pguqu3ZzYXuExB85bH--1AvQNWCEzMsezmw&sds=2&rev=86437&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:22 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AF1A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AF1A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
truncated
/ Frame DF3C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
043047ec8694e32c6498cff8ea488d659470307a36817a96eb66c40e14b92245

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6a637a4886bd4923397cef1a73ed2e00f43ce83b9c1f1454b3f18c9045dbc763

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.straitstimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
/
www.facebook.com/tr/ Frame 66FA 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.straitstimes.com
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.straitstimes.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 03:43:23 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pixel
amplify-imp.outbrain.com/ Frame 4488 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjPHoJzmytIXXp2gobHL15bUYauYYXoONv_xoF4V2-TRYFpJfDlwBm5LjlSPMB3EOBJdv6GaR1yrhXYB-cXRS-2J4hWUB6xzkWH1kAitCDSpy8lHeQ-6PFbhW0UYWzptj9sxo3V4SEIhn5aVoG92ZEnos1BBekEr9UAR71soXmbxT1_9YxXGJaD14ZZ4DsHhe_lvkVn4BWFpjZaj6I-55r66ymJ0JZcPif0maXu_9k5JQmjp2n74PocldjAva0EUJBJa29sRq_y9i99ZVxCKyuYQClW5cMoAL6cMuEpWX5UgRVF7sSGxh8V-hKkGnD0O9sYVniEQgNYC4UWQhr5dgJwuJ89WQmfQCdwEbnEGPDVaCBU2ifbV-8kuVGrl0kIAijCZB_Bi3TV-uH3CeqJwd99ez_g5wm2uqK6vtvlI-0KedzrXDEMSmx0GdtEysxX6Pk7JudGivx1VMEpE72S5x9m29MLiuhd_YrvP1lwIAL277BCiwFjsg8vomaHzw93XI-FMNAtyg3KkBIDwm_c5_skj9mTfX7ry3ddQG1QTO7_FKc2bJIrUY5r0QCPE4qVGBuCWSLIifhoxYr2sqiiKMN1UMckopEJ83NIewDs7E7F6A_O7KyyFoi3eWuq4Po1MvbnniSxVcW6ZN1JAJ8sljXOuDpS6SQh4goGbT_hmRa41-UktD6LuhQxjEptih6P3lPMTzC9y0qJ-Md3ctL4VooFpVo-5FvdTI8UUJq9OeYnZidC1DmqHRRybW1uBCY-Aod_xetM15kwgRNCMnDenfQ45OefbW99Tffb0Mqv-WC13DLk99x-BeoUNiEQiGznv9DWtZ0JiULZdpoZ7fKfXEl6B2bGzfShAl2QzlQ6O346xgs3X0KXxEAF9Bs0a_5ju631AZi3Q6lnlho0UfqXOYsNDWn2EiEfEhju-CWnMqL7ZVm4pvi3y5IFdTEMqAd_Pkfa_CsXST6ZJBAr7kvd669sW4tlzYY0NlE_IdMxPATqn3pGY9OBGshU2s9x8rip9oZ3HNDqZlZsDjIK2dxhMnODByQWZBh88mYYz51Ae82z1pWFHHqPtpqCRbbEkOsdbkOGbhijowBNausl_K7Vda9VXVthrsiAs4EzVGrWU3FZzMuUB-uivk1tzxIfDHPU8Rto_1qkX-WpjjKmaeoqQtW8_2f6D7BgGD24Znzl-QETXmZ5thmrxlpEmqGw_Ll-j8u9nTtRecpNjvL17f1bHX5bfxv9CuepNrYZQUt2qHm4K_QM5m7lsvFCg2d6pBu7Xm0I9n5akh42Dsx8ERVI1LKzBv0wAj2E3z7CkJN1Sn14ql8K_EW8orjjqPIccs02TLNTr3_P217HqfqsnUMQPeTk5N92E2Fy4e8E3abOGmSPp1Ui3kCre_ldcnmkwKvRzRlw&c=460eb8b4&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
af226bf749b7981e5f53893ddf4769d7
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4dc38f61-f5f7-11ed-9409-f3baa800e4d4/0.054918/W7EC4F7YGZPVJJPWAFDJ5S2ZY5AL6HYPL4HTJRFOUQQD7XMJTNIZEQ2WWGGIJA6NPMOJCNJDUHDOASVDZRQZM6Y5NZPPGDN4TJ6V57AKFP4... Frame FBBF 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4dc38f61-f5f7-11ed-9409-f3baa800e4d4/0.054918/W7EC4F7YGZPVJJPWAFDJ5S2ZY5AL6HYPL4HTJRFOUQQD7XMJTNIZEQ2WWGGIJA6NPMOJCNJDUHDOASVDZRQZM6Y5NZPPGDN4TJ6V57AKFP4O5BGB3ZEKNW6WTSTWBBTM6E276G2RZMGTG5Y4YVRT4545AETWFV2RZVO5ZS6LRQSSIUXVXPGW43KZIHUC76CT3SZXQQ4VQAACEDMTBTNSP3FZJQBLZBY2KJNAMYWZATYTLNAANCKUBZT7VHHO4KUU4P6RWCJJUEVWGJPYPVFA367XM2JEMEOZKNIZNO5AH4MGICLKNUFBGCL7I3N4YX2NERSUHYFP7ALNGXBOV3L5OWEMOLWDD2TU47REHJFISV6CIWO3SGRO6SEIYWOWGOYAYJNFCPPDA5QQ44IIGWYMZMSDFW226WQRWNBXCQ6UL7RFI2HUCTN3OKBHYGISDVQY5SAMYQFGGLAPR66ZSKFA5VB6FR6LAV3LG7GKTOS5PYKYVO74ABZWG665T3MNXNYMQW76ENF4AMV6XF7HQSOT7WGOWGLXOPPT25XNRLRKANZGF3IAQGCWXXT3RS37ZCJF/?wpos=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/MQ2FBJABNXIVZQRHW5TZVKCOLNP7HBI2IJCBU5EDEDDUAZWCTWEMXFKEH7RFNMHWRB5PMGZZXRHAW5VH42LOJMC2WDA35QIBMCIG77GDFAD3VWKNF3E4GGK5KOOLWVDYB5YSBBJICW27D42RAO26ZXYVUHABG4... Frame CCB1 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/MQ2FBJABNXIVZQRHW5TZVKCOLNP7HBI2IJCBU5EDEDDUAZWCTWEMXFKEH7RFNMHWRB5PMGZZXRHAW5VH42LOJMC2WDA35QIBMCIG77GDFAD3VWKNF3E4GGK5KOOLWVDYB5YSBBJICW27D42RAO26ZXYVUHABG4BG6HI6DB6XKSKUR5SSIOGC54KJZT5PITCIOS3KEVHKWXFL5AQLSFTXMFWJYRDCIN73KOY6JOTHKX3ZBHFGAYUDLY2D2SJ7FZM5UFMBE77BPBORYRLHBKG5G3G6GROTA2JX5M7FUSJNUHNM4MQ526W3T5S6TR5CC5EQOPA5N6FH6V5DQAUESM2U6ROQDTS73LRDTWPBM7A/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame 2AA0 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjO1vtFGcHDEfiA-TDY5Y5CXyxBxNNZxtPdnk185c5246wjzgPaMoX_hx-MH1aZNSH-e9mr63MKZGf8uESOpCtjA0C2kaigFXfgqViD9qLanqsRRSpWPORi_5Nm2sXZ5gdazBq1wIi_s-mMT_Eh3Ma1qKJp8inDNFw9V6WcuNTE98npygLWqPa4_sH9m-iI7j8_u_-atAIzbzw7iDsdhjxzX7JXFjOlJQ-Lgv-f5W3JAZJwqYFJ0vDKNVWbk5wrno9wfTiKDuG5yWae-ivmzJcb6exJeKRPskGq_kfdh_iYV3ScYIWHlUJ2DL2l3FyaKa50CHRoANeVD_D4huqgPYoFltE0jp7XDUANfafoBkqD3RVhQ5cdOf-7bZsRT5UoWU8SNAdPwnGJgmoNe_IKbO2zCyrnmWz31HsGCvTQ8aWoTeHRdSHevq2dj-PjT4aneHZvL-OMQzxNyjEfQ16ojalmdPPffnwSw21oiUdLFWrTyabUD9W8DqvMhRIrDX_xOy64_p_tiVhWbSRdu3s0lP2Dayh7SxGBT2iMZrcIAjabT4zzK6kb4pqU0nmt2IcxMFYYjqbRv2A9V05OS-VUmiqtI2FKN9bGxTMeVXQhHhq1Y9BIEnwmW-imFV-O0y4H7zzpHkev9Wi233aDB1EV_Pgi4c-4yM-FgiyzJOMyiu-GfacEWFGdTX4vGc4PD2KBOgpDpuPciOtkP0SnnLdTR9u-_foztED4K8QuCsdPxDe9-8FzUqlfmXAFEIoYoOMpaBTCSEMWD4rDONfwAVIQZfohv9POCAWQv5koNnRzX8AEJdqK8bws1_VcOOu4YuYVcfaoeakdrOJ1XYnEm94G5TGNObh888CPTLCuIL8mQpZPZhrR0KRjHk1RaF1s5Rpgf5zmXQguKQrwiKuarYIUOH93cgw8URu15J1b2fcPD3kEA7fv1WOFEtgtE31x5jRKmc6GgYjB9jlMWIYAR0Y2EO6STDrTEPxYiaU7JNHDsZan5aAvkeTQzSczeLo_VWQEn2T5--nuZIkrEi77gJgQdEeLJSu37x2jjuKvzaktF79D1xFr2fYu_XBsnoyDghqqAXlC6ucbme8wzx0E0WLEqLwnUCIwC_Z3M6EOfd1d7r3IVSaDNdJlmMq54GLS5SKbuz5gduUjrYDb7ZMbUiZIUjalIrbjRrW0pnoL3-va3EfzdH9bbCMM6DeZyNJX1YzN8ji7kC6hhhaSj0cErfp7y6Hmxj3rg7ev6w3KEdBMAvXGesefbtxrrkPwBPENW-jGyp4XOySlgbJDn3bTzYqc2kXLEk8JOPw-3ymf8pfqYT8Mf9gyMVupJwhxU2bTzzEQemFeZWeosJxoniLQEbvZVMvE_Q0eo5jsrTW9mU_5_-JDYKgTwvb_RV2BUmJ5kE2SNRug&c=a5bbcc4d&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
dd795cb31712329beb7afbcd2640d7e6
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4dc38f61-f5f7-11ed-9409-08ed787c6bd4/0.04938/W7EC4F7YGZPVJJPWAFDJ5S2ZY5AL6HYPL4HTJRFOUQQD7XMJTNIVIEKVDVHPJOMIJ4F45K4HWEPNA3NR7IQ2P3FRPCYOWNRJJGDAHZLP4ZUT... Frame 3926 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4dc38f61-f5f7-11ed-9409-08ed787c6bd4/0.04938/W7EC4F7YGZPVJJPWAFDJ5S2ZY5AL6HYPL4HTJRFOUQQD7XMJTNIVIEKVDVHPJOMIJ4F45K4HWEPNA3NR7IQ2P3FRPCYOWNRJJGDAHZLP4ZUT2PGIYJQAU63EOA35MSZ2XN2XX6NTXID3W5Y4YVRT4545AETWFV2RZVO5ZS6LRQSSIUXVXPGW43KZIHUC76CT3SZXQQ4VQAACEDMTBTNSP3FZJQBLZBY2KJNAMYWZATYTLNAANCKUBZT7VHHO4KUU4P6RWCJJUEVWGJPYPVFA367XM2JEMEOZKNIZNO5AH4MGICLKNUFBGCL7I3N4YX2NERSUHYFP7ALNGXBOV3L5OWEMOLWDD2TU47REHJFISV6CIWO3SGRO6SEIYWOWGOYAYJNFCPPDA5QQ44IIGWYMZMSDFW226WQRWNBXCQ6UL7RFI2HUCTN3OKBHYGISDVQY5SAMYQFGGLAPR66ZSKFA5VB6FR6LAV3LG7GKTOS5PYKYVO74ABZWG665T3MNXNYMQW76ENF4AMV6XF7HQSOT7WGOWGLXOPPT25XNRLRKANZGF3IAQGC23EHURIPED7MW/?wpos=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/MQ2FBJABNXIVZQRHW5TZVKCOLNP7HBI2IJCBU5EDEDDUAZWCTWEMXFKEH7RFNMHWRB5PMGZZXRHAW5VH42LOJMC2WDA35QIBMCIG77GDFAD3VWKNF3EZWCHMR7GGTEIHRTLB5JIEKLG3B42RAO26ZXYVUHABG4... Frame 2386 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/MQ2FBJABNXIVZQRHW5TZVKCOLNP7HBI2IJCBU5EDEDDUAZWCTWEMXFKEH7RFNMHWRB5PMGZZXRHAW5VH42LOJMC2WDA35QIBMCIG77GDFAD3VWKNF3EZWCHMR7GGTEIHRTLB5JIEKLG3B42RAO26ZXYVUHABG4BG6HI6DB75ZSGRRHJDMWFZHQQJ24EGYBIZHYBDRLMZSV62EKY6QHTGWHBMNQSRNINGOU6ADLCL57RWGMA2YYCOERBWU47MOG2LCBWKWVU3OTLH65I7O2V5CQ4DTW3MUZP5S36XRSZZIOFHQJYXARMY6CDBZMMKDHX7UAWAMPDTT6HMFRCSAKKM6EKIH7B3RK22VYWLP5A/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame 545B 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjCQW9ov497-2FRKu4wyM-8CLhoW_TDORj8HgQmxlToUGAcnn-MCw6cEPvPl0W005jOYylZSlRND0Ygp-dZjDREXfdlDwOwO_bjseE7juYR3mP4e1NSzCoAk9PrXLA0hz5_B2KzkYChw98nreeWSmFGzTQtfuQKaoLxQV7nkxut3PABLbJDJCCdIR3q5qvl-vGqvDyrQU_yMeItnXbMCNZLBoCMaHuPJDGYOCaMyY7QUqYHI6WNX-awmjcs5bEI8BuxrSmNPZmYL4XDGxQ1qGwUeDvfzeGZjhO1MEtVKx0si6EmojqCbaY1PHuXbaFBn_U-Kfjs7jPAu9hEr4YraQLAV8wrnWmUtHP3JSvjRtQCiWbguJrz7qwhl0FVFI82hMMD86wFScjiR8xtjgPkJ0F8S0H9qVkOe52OynESL-r_GPDPND1w9Zy5j7865cf5LobMCOygWXd1DwyN7gyCrnEPMoIX91c6x2sp68RjSRD8AjiF6_bCj_xxhHZ4kCpODw_VRp7Ym-IfH3YujzQLEeRGZrvuCC2LBn5yeU6eKWx9bp5xnk2yyGqW-aJFJAoeiQBA-_PAlJMk854hGx1MHU3Oyba9hvA8D4wptGsjQxOrWspGRg4MHQAySbwmTGB3v8gjdSHxUGQZqESXvJSxV8251Ke7rkf8e21ulIWffpAj8Yd97_PMQgTyk0nnyWRzuEdCBWmADNEYp1q50GmuLwBFPOFBSmPNCt83KgNDPNUTuqdOsqOAZm8Rqk8TxnqCQsu-KRIL9QhAxTn0c6Y4Asr1s13fGfRimjdBcqPcznH0s848tLpv0D7Rasl47nUPoQ6yIesuDnc0ElRuUtwXziy4-YLdfpwow5vrj-S7R21oo_c7Z3Bg2E9WfZEN5LswcvA3dPyiVGvH9VcV5AqBng5n5DwHzl4kFgB6T5JN-Cc5AxHJDsT162q_3CbdxPA2g5jdSx8bHOF_Ianjno8xtU15NT-s22Rrd-azpWqDyJyTuJq9xLdB_ZqXCB0tInvW4fhpqEFy0fX3YrfnrYpUPfDA6SMoca8FodjFjSsccisfmeevzc6CdAPsUF-KWLNTgUA8etI3z5QlCKBZPZA3R2qPctRf5kbwKCnNgGxygs0x8HOS3crLHnyCYTPCPlO_7nR63tgqfmVO-CUPbJNvBuMHhYVrsVs0Wt-7tJW1ZNy1wiO-19wxfk2R2IjbaOTqFce4GpOZZmEIf9TdV5ICynuZ9ib50JzWO30Hba-Apxj_14KOxqfAcfvSqYHlGmqYnCHStDszqMY5C84TrDP7-BMR7TtAmbNuHjB-w_r1rxQKI0HNUB97HaVHYpIYH0Bik72HDxMiwCYKfe8JFNgd778W4ISv31xUliALGGVqyCFQCbK2kXkmWTcz7q9MFnFqhygA&c=43513145&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
c075057af62ae19e1914a3d7db0c916e
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4dc38f61-f5f7-11ed-9409-33761357d4d4/0.048312/W7EC4F7YGZPVJJPWAFDJ5S2ZY5AL6HYPL4HTJRFOUQQD7XMJTNIRDBU7W3YRUIBJEKLKVBIRWQAOU5U5QIMTU67M7I6SXR3NKOFT46DAFB2... Frame 402A 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4dc38f61-f5f7-11ed-9409-33761357d4d4/0.048312/W7EC4F7YGZPVJJPWAFDJ5S2ZY5AL6HYPL4HTJRFOUQQD7XMJTNIRDBU7W3YRUIBJEKLKVBIRWQAOU5U5QIMTU67M7I6SXR3NKOFT46DAFB2LESHG5TWJYUZEQ3IF657C5UZ6H23HTB7T45Y4YVRT4545AETWFV2RZVO5ZS6LRQSSIUXVXPGW43KZIHUC76CT3SZXQQ4VQAACEDMTBTNSP3FZJQBLZBY2KJNAMYWZATYTLNAANCKUBZT7VHHO4KUU4P6RWCJJUEVWGJPYPVFA367XM2JEMEOZKNIZNO5AH4MGICLKNUFBGCL7I3N4YX2NERSUHYFP7ALNGXBOV3L5OWEMOLWDD2TU47REHJFISV6CIWO3SGRO6SEIYWOWGOYAYJNFCPPDA5QQ44IIGWYMZMSDFW226WQRWNBXCQ6UL7RFI2HUCTN3OKBHYGISDVQY5SAMYQFGGLAPR66ZSKFA5VB6FR6LAV3LG7GKTOS5PYKYVO74ABZWG665T3MNXNYMQW76ENF4AMV6XF7HQSOT7WGOWGLXOPPT25XNRLRKANZGF3IAQGC7BZUUBGGL2CRO/?wpos=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
www.facebook.com/tr/ Frame 3388 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.straitstimes.com
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.straitstimes.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 03:43:23 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
b1t-nydc1.zemanta.com/t/imp/impression/MQ2FBJABNXIVZQRHW5TZVKCOLNP7HBI2IJCBU5EDEDDUAZWCTWEMXFKEH7RFNMHWRB5PMGZZXRHAW5VH42LOJMC2WDA35QIBMCIG77GDFAD3VWKNF3EXZ2SB7NXXYWIWRCBBHCMMXC2LN42RAO26ZXYVUHABG4... Frame CC63 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/MQ2FBJABNXIVZQRHW5TZVKCOLNP7HBI2IJCBU5EDEDDUAZWCTWEMXFKEH7RFNMHWRB5PMGZZXRHAW5VH42LOJMC2WDA35QIBMCIG77GDFAD3VWKNF3EXZ2SB7NXXYWIWRCBBHCMMXC2LN42RAO26ZXYVUHABG4BG6HI6DB5F4N4EUAGJYHLJXA7QTW7KWGSA3TNQIHH2XCP5MQVFM4BSB2S2CMSRNINGOU6ADLFZ4KCWK5N74QB6ERBWU47MOG2LCBWKWVU3OTLH65I7O2V5CQ4DTW3MUZP5S36XRSZB4HCWGJP23JOY6CDBZMMKDHX7UAWAMPDTT6HMFRCSAKKM6EKIH7B3RK22VYWLP5A/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
translation.json
static.mysph.sph.com.sg/mysph/locales/en/ Frame E210 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/locales/en/translation.json
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/js/mySPHIdentityLightbox.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f3dfa122623ea2d2ec051fabbee5208b6d82b7cda5e7c8102dcb6e22533e21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
LtXfeNteakLi3rBxiIz.jaWCR5haCEn4
content-encoding
gzip
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date
Fri, 19 May 2023 03:43:24 GMT
last-modified
Thu, 18 May 2023 13:50:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
etag
W/"0f7056652bd173c8c5d1aae3861bbd31"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
s-maxage=86400,max-age=0,no-cache
x-amz-cf-id
OK0FmFIU1t9y_DfAC7JmQjqiWnJY9mYNJDCI0uZZisTuLWyzY3lKqg==
gtm.js
www.googletagmanager.com/ Frame E210 		304 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Q7WW3V
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/js/mySPHIdentityLightbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da8ba9e320e2be043c7b31e5aca94faa39d3ca18b625cfb314b1abbe8ef81081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89846
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 May 2023 03:43:23 GMT
css2
fonts.googleapis.com/ Frame E210 		10 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77a43710be29e3de77e03649591622f8254b140cc4fdb13af89e68113ec4aa6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:16:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:23 GMT
css2
fonts.googleapis.com/ Frame E210 		328 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+SC:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7e119e7a0845b9f4b6144123e602fbed16f9fa1243cd0028f87f9aaed076c39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:43:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:23 GMT
css2
fonts.googleapis.com/ Frame E210 		2 KB
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Public+Sans:wght@400;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17250e15dc2edf6265d11aed3980478c3c22786dd9d86568bf3e8ddb0dce08b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:22:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:23 GMT
css2
fonts.googleapis.com/ Frame E210 		850 B
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Caslon+Text:wght@700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71140bbdcb84a9c0e034d9146d0044bc7f80b7b940c262e391a263a13acbffc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:22:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:23 GMT
css2
fonts.googleapis.com/ Frame E210 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif:wght@600;700&family=Lato&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6106cf2ccd968384938dc8bb68302de982659074730381aaa3a6d3397bfa452d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 03:32:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:23 GMT
css2
fonts.googleapis.com/ Frame E210 		2 KB
491 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mukta+Malar:wght@400;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f4130b699421ca1d61487160270d08ec3f4b0844b1f96deb7586d95a5b798ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 02:46:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 03:43:23 GMT
okta-auth-js.min.js
global.oktacdn.com/okta-auth-js/4.5.0/ Frame E210 		112 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-auth-js/4.5.0/okta-auth-js.min.js
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/js/mySPHIdentityLightbox.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34290715b0d39c6330c9300bf299dd17ae80da8c6688025e29bc6c84e77792e4
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.mysph.sph.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
o6R_bAQJP7EfXmmU0TDKdnLhLhT_p0qK
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Fri, 19 May 2023 03:00:23 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
2581
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 17 Dec 2020 21:15:41 GMT
server
AmazonS3
etag
W/"da1c63c35ca10765111ce98e132aa43c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
PHB6gzxFr1tB5ICy4pB0_GJ7ZpuMDQ_3zvfVLafD-xNaKch0dcdpcw==
concurrencyCheck.html
www.straitstimes.com/ Frame EB1C 		0
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/concurrencyCheck.html
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/js/mySPHIdentityLightbox.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.mysph.sph.com.sg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0
content-length
0
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"0-5fb289ce3ed40"
expires
Fri, 19 May 2023 03:43:23 GMT
last-modified
Mon, 08 May 2023 06:18:53 GMT
p3p
CP=HONK
referrer-policy
no-referrer-when-downgrade
server
Access Gateway
strict-transport-security
max-age=31536000; includeSubDomains max-age=15768000
x-auth-group-type
y-anoy
x-content-type-options
nosniff
x-download-options
noopen
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
x-vmg-version
v10.5.33
x-xss-protection
1; mode=block
curator_head_st_semibold-webfont.woff2
static.mysph.sph.com.sg/mysph/fonts/curator/ Frame E210 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_semibold-webfont.woff2
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88cdfbf212280a347ee341cf8e2536429a6b05fa14283b96662d5a5405854f68

Request headers

Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Origin
https://static.mysph.sph.com.sg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
_gGuckIYQj9m5DfFH2L8PYtC4goAIsaZ
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24308
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"1c8be6cfbf0f5466fd1114c7d3a879fa"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
NaEham4CElmQuXaDlXAgk0DXNhKX8H5SOxhi_fzPAmUn8X8vJm2faQ==
curator_head_st_regular-webfont.woff2
static.mysph.sph.com.sg/mysph/fonts/curator/ Frame E210 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_regular-webfont.woff2
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7203a86775409711dddc8df5a54869481e5d352def7c920e31ccda5976a19973

Request headers

Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Origin
https://static.mysph.sph.com.sg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
dNBOHUUitNl0znQnYhFnrYd.39ayHJ19
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22420
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"f2d8de76134eecefa89bd015b2a85d41"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
uNAUrPGMu3gXDrFgYh6x6XTTxDfSdZSHgCRGNVpnXHk6m_pLIBk6Lg==
curator_head_st_bold-webfont.woff2
static.mysph.sph.com.sg/mysph/fonts/curator/ Frame E210 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_bold-webfont.woff2
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d813f169d6fbae58c03cf11c8630c9aa9cb65ebbeb2644d26ea04820fc2ed94

Request headers

Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Origin
https://static.mysph.sph.com.sg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
ii2pVomoI1G7mLAu7SCtuaXKCIvUV27Z
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24528
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"5e15e1c968a94de177029595262feb2c"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
wqks8wQwAOMIwZ6LGlESvl43hI-Hm2ize7YG6UiJTPBlcV4aZxTr3Q==
curator_head_st_semibold-webfont.woff
static.mysph.sph.com.sg/mysph/fonts/curator/ Frame E210 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_semibold-webfont.woff
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14f2a4a0b36e2390fafa550f948c568362a2a7e16b40dc42d694eaf2c5cd9708

Request headers

Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Origin
https://static.mysph.sph.com.sg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
OhHdt2qQgI2kZHTJVYUeDpapQIYy2rFu
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32104
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"5486cfcdc29d0f0c2b71e4318e5f03ac"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
4zoJt5C9MPzZ48x2O1V959TkZhK03jazr6bZnetcJLUGNmcQA-areQ==
curator_head_st_regular-webfont.woff
static.mysph.sph.com.sg/mysph/fonts/curator/ Frame E210 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_regular-webfont.woff
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4d6d03030653fa0131987d9c74e37e6660152e7c98d39457a372ad2629d328

Request headers

Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Origin
https://static.mysph.sph.com.sg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
CFaiHXkwn0fYI40eE2T41FovIjp4fNKl
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29404
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"207f411fb07002551e5ac64e3a253ccc"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
JxwtHvtvtV59prLX1et2DcoZjdqXMIE3kQqWKlS49gIGUWd2rOuU_A==
curator_head_st_bold-webfont.woff
static.mysph.sph.com.sg/mysph/fonts/curator/ Frame E210 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.mysph.sph.com.sg/mysph/fonts/curator/curator_head_st_bold-webfont.woff
Requested by
Host: static.mysph.sph.com.sg
URL: https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3d7c135b84ab2bba0ecc037d942cceb65c50ff95a5e95c6cc80e88d029c4115

Request headers

Referer
https://static.mysph.sph.com.sg/mysph/standalone/login.html?pubName=st&stateToken=00uo84CvVRqBLl0362RsAVyOOU3hmxcRdMPXY_zimm
Origin
https://static.mysph.sph.com.sg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 13:50:05 GMT
x-amz-version-id
3nLAilFkiM_Fq2C_vyP6AxDKD0fg2rK8
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
49999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32044
last-modified
Tue, 29 Nov 2022 13:38:08 GMT
server
AmazonS3
etag
"a1e4aab54f3374416292271f8a8eaa52"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
x-amz-cf-id
LWo0b_MyiFWaAkZxLj57FQ1eYixI34MTOgnkUNmUrXgzOULA_jj4-g==
prompt-400.css
static.criteo.net/design/googlefont/prompt/ Frame AF1A 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
prompt-700.css
static.criteo.net/design/googlefont/prompt/ Frame AF1A 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0ea-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
prompt-400-latin.woff2
static.criteo.net/design/googlefont/prompt/ Frame AF1A 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-44e8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1629550037&t=pageview&_s=1&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&dr=www.straitstimes.com&dp=%2Fcreatives%2F311&dh=cdp.sph.com.sg&ul=en-us&de=UTF-8&dt=preview.html&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=272&cs=1&cm=web&_u=aHDAAEADQAAAAGADII~&jid=1438681606&gjid=1422765972&cid=1849208897.1684467802&tid=UA-122397506-3&_gid=1705824386.1684467802&_r=1&_slc=1&cd3=1126591&cd4=&cd7=free&cd8=article&cd15=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&cd19=&cd93=272&cd95=a4ac49ff02dd406cabff56062ba5d9ea&cd6=1849208897.1684467802&z=986571545
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/mp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/mp/collect?measurement_id=G-SM7K1EMZHH&api_secret=J5VT4dcATXulg-NK2FsDiQ
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
banner_feature_plan.svg
static1.straitstimes.com.sg/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.straitstimes.com.sg/icons/banner_feature_plan.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.244 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef8a5c2f34a39be4b56b666e23f88dc404bf5ec902abeea6aebeab3661a6b277
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31557600
nel
{'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid
6462e48ad1b9b9034728e676
age
265169
x-cache
HIT
x-gumlet-runtime
0.44
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1626
x-served-by
cache-fra-eddf8230035-FRA
x-timer
S1684467804.511400,VS0,VE0
etag
"ymm9psliwg8d"
access-control-max-age
3600
report-to
{'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=31536000
vary
accept, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
11
st-logo-blue.png
static1.straitstimes.com.sg/s3fs-public/
Redirect Chain
  • https://www.straitstimes.com/sites/default/files/st-logo-blue.png?v=1
  • https://static1.straitstimes.com.sg/s3fs-public/st-logo-blue.png?v=1
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.straitstimes.com.sg/s3fs-public/st-logo-blue.png?v=1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Server
151.101.194.244 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d12bccd7551a7089e549840142f6fb09aebe90a45475cc59fb5ec784e37fe77
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-gumlet-pc
MISS
date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
nel
{'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc
HIT
x-gumlet-reqid
ZEdvT7rCxj1RsIvw
age
2064652
x-cache
HIT
x-gumlet-runtime
0.271
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3426
x-served-by
cache-fra-eddf8230057-FRA
x-timer
S1684467804.536261,VS0,VE1
etag
"24h22xc0pfmm7"
access-control-max-age
3600
report-to
{'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=31536000
vary
accept
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1

Redirect headers

date
Fri, 19 May 2023 03:43:23 GMT
referrer-policy
no-referrer-when-downgrade
x-vmg-version
v10.5.33
server
ECD (frb/67A4)
location
https://static1.straitstimes.com.sg/s3fs-public/st-logo-blue.png?v=1
cache-control
max-age=2678400
content-length
0
expires
Mon, 19 Jun 2023 03:43:23 GMT
approved_checkbox.svg
static1.straitstimes.com.sg/icons/ 		400 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.straitstimes.com.sg/icons/approved_checkbox.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.244 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
65834585813a0db1a2adfd9d6f71705c84d3d99da121fa270cc1d3a4518a0b90
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31557600
nel
{'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid
64352803320d263324215d9d
age
3262552
x-cache
HIT
x-gumlet-runtime
0.471
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
273
x-served-by
cache-fra-eddf8230035-FRA
x-timer
S1684467804.513962,VS0,VE0
etag
"1ka3i59j43cbd"
access-control-max-age
3600
report-to
{'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=31536000
vary
accept, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
11
sphwave.css
www.straitstimes.com/sphwave-css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/sphwave-css/sphwave.css?v=3
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6689) /
Resource Hash
65a3e478c17a881b9a4605d2761546417aebe4889f168b12c26e04e5eb942d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
7ca1a80fb61e0e714b286eb596dc595aaad26cfa31fb2d064c8f22f3e051e596
age
25647368
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
5576
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jul 2022 07:27:11 GMT
server
ECD (frb/6689)
x-vmg-version
v10.5.33
etag
"6f71-5e4aff2c59cc0"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:23 GMT
st-newsletter-sphwave.css
www.straitstimes.com/sphwave-css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.straitstimes.com/sphwave-css/st-newsletter-sphwave.css
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.53.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67F0) /
Resource Hash
91c1c7f91d03f1b495f66967f5153516b41152958371ec0f6cec749834c22264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-oag-host
c980c646547b3b23d7a44a4eeebd0459eb3508ab73354817ee2dcb3001c25891
age
1881366
x-auth-group-type
y-anoy
x-cache
HIT
p3p
CP=HONK
content-length
1212
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Apr 2023 09:06:57 GMT
server
ECD (frb/67F0)
x-vmg-version
v10.5.33
etag
"f97-5fa4cad269a40"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 19 May 2023 04:43:23 GMT
collect
www.google-analytics.com/mp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/mp/collect?measurement_id=G-SM7K1EMZHH&api_secret=J5VT4dcATXulg-NK2FsDiQ
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PM-masthead.svg
static1.straitstimes.com.sg/s3fs-public/newsletter/ 		51 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.straitstimes.com.sg/s3fs-public/newsletter/PM-masthead.svg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.194.244 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a3dbbd4d8aebd72d7bcf95efa8bba9cff83dd18f76bf91c260242ddddcb1e15
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31557600
nel
{'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid
645b00cb47d6c7a635898df4
age
782224
x-cache
HIT
x-gumlet-runtime
0.122
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
37026
x-served-by
cache-fra-eddf8230057-FRA
x-timer
S1684467804.524797,VS0,VE1
etag
"2zgxgm1kb7942"
access-control-max-age
3600
report-to
{'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=31536000
vary
accept, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1629550037&t=pageview&_s=2&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&dr=www.straitstimes.com&dp=%2Fcreatives%2F390&dh=cdp.sph.com.sg&ul=en-us&de=UTF-8&dt=preview.html&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=345&cs=1&cm=web&_u=aHDAAEADQAAAAGADII~&jid=&gjid=&cid=1849208897.1684467802&tid=UA-122397506-3&_gid=1705824386.1684467802&cd3=1126591&cd4=&cd7=free&cd8=article&cd15=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&cd19=&cd93=345&cd95=a4ac49ff02dd406cabff56062ba5d9ea&cd6=1849208897.1684467802&z=832181786
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 May 2023 19:54:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28161
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
static.criteo.net/design/dt/ Frame AF1A 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 01 Mar 2021 13:06:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"603ce6bb-6d70"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 May 2024 03:43:23 GMT
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame DA45 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjPHoJzmytIXXp2gobHL15bUYauYYXoONv_xoF4V2-TRYFpJfDlwBm5LjlSPMB3EOBJdv6GaR1yrhXYB-cXRS-2J4hWUB6xzkWH1kAitCDSpy8lHeQ-6PFbhW0UYWzptj9sxo3V4SEIhn5aVoG92ZEnos1BBekEr9UAR71soXmbxT1_9YxXGJaD14ZZ4DsHhe_lvkVn4BWFpjZaj6I-55r66ymJ0JZcPif0maXu_9k5JQmjp2n74PocldjAva0EUJBJa29sRq_y9i99ZVxCKyuYQClW5cMoAL6cMuEpWX5UgRVF7sSGxh8V-hKkGnD0O9sYVniEQgNYC4UWQhr5dgJwuJ89WQmfQCdwEbnEGPDVaCBU2ifbV-8kuVGrl0kIAijCZB_Bi3TV-uH3CeqJwd99ez_g5wm2uqK6vtvlI-0KedzrXDEMSmx0GdtEysxX6Pk7JudGivx1VMEpE72S5x9m29MLiuhd_YrvP1lwIAL277BCiwFjsg8vomaHzw93XI-FMNAtyg3KkBIDwm_c5_skj9mTfX7ry3ddQG1QTO7_FKc2bJIrUY5r0QCPE4qVGBuCWSLIifhoxYr2sqiiKMN1UMckopEJ83NIewDs7E7F6A_O7KyyFoi3eWuq4Po1MvbnniSxVcW6ZN1JAJ8sljXOuDpS6SQh4goGbT_hmRa41-UktD6LuhQxjEptih6P3lPMTzC9y0qJ-Md3ctL4VooFpVo-5FvdTI8UUJq9OeYnZidC1DmqHRRybW1uBCY-Aod_xetM15kwgRNCMnDenfQ45OefbW99Tffb0Mqv-WC13DLk99x-BeoUNiEQiGznv9DWtZ0JiULZdpoZ7fKfXEl6B2bGzfShAl2QzlQ6O346xgs3X0KXxEAF9Bs0a_5ju631AZi3Q6lnlho0UfqXOYsNDWn2EiEfEhju-CWnMqL7ZVm4pvi3y5IFdTEMqAd_Pkfa_CsXST6ZJBAr7kvd669sW4tlzYY0NlE_IdMxPATqn3pGY9OBGshU2s9x8rip9oZ3HNDqZlZsDjIK2dxhMnODByQWZBh88mYYz51Ae82z1pWFHHqPtpqCRbbEkOsdbkOGbhijowBNausl_K7Vda9VXVthrsiAs4EzVGrWU3FZzMuUB-uivk1tzxIfDHPU8Rto_1qkX-WpjjKmaeoqQtW8_2f6D7BgGD24Znzl-QETXmZ5thmrxlpEmqGw_Ll-j8u9nTtRecpNjvL17f1bHX5bfxv9CuepNrYZQUt2qHm4K_QM5m7lsvFCg2d6pBu7Xm0I9n5akh42Dsx8ERVI1LKzBv0wAj2E3z7CkJN1Sn14ql8K_EW8orjjqPIccs02TLNTr3_P217HqfqsnUMQPeTk5N92E2Fy4e8E3abOGmSPp1Ui3kCre_ldcnmkwKvRzRlw%26c%3D460eb8b4%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
report
widgetmonitor.outbrain.com/WidgetErrorMonitor/api/ Frame DA45 		2 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widgetmonitor.outbrain.com/WidgetErrorMonitor/api/report?name=obm-PixelLoadingError&version=undefined&message=%7B%22url%22%3A%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjPHoJzmytIXXp2gobHL15bUYauYYXoONv_xoF4V2-TRYFpJfDlwBm5LjlSPMB3EOBJdv6GaR1yrhXYB-cXRS-2J4hWUB6xzkWH1kAitCDSpy8lHeQ-6PFbhW0UYWzptj9sxo3V4SEIhn5aVoG92ZEnos1BBekEr9UAR71soXmbxT1_9YxXGJaD14ZZ4DsHhe_lvkVn4BWFpjZaj6I-55r66ymJ0JZcPif0maXu_9k5JQmjp2n74PocldjAva0EUJBJa29sRq_y9i99ZVxCKyuYQClW5cMoAL6cMuEpWX5UgRVF7sSGxh8V-hKkGnD0O9sYVniEQgNYC4UWQhr5dgJwuJ89WQmfQCdwEbnEGPDVaCBU2ifbV-8kuVGrl0kIAijCZB_Bi3TV-uH3CeqJwd99ez_g5wm2uqK6vtvlI-0KedzrXDEMSmx0GdtEysxX6Pk7JudGivx1VMEpE72S5x9m29MLiuhd_YrvP1lwIAL277BCiwFjsg8vomaHzw93XI-FMNAtyg3KkBIDwm_c5_skj9mTfX7ry3ddQG1QTO7_FKc2bJIrUY5r0QCPE4qVGBuCWSLIifhoxYr2sqiiKMN1UMckopEJ83NIewDs7E7F6A_O7KyyFoi3eWuq4Po1MvbnniSxVcW6ZN1JAJ8sljXOuDpS6SQh4goGbT_hmRa41-UktD6LuhQxjEptih6P3lPMTzC9y0qJ-Md3ctL4VooFpVo-5FvdTI8UUJq9OeYnZidC1DmqHRRybW1uBCY-Aod_xetM15kwgRNCMnDenfQ45OefbW99Tffb0Mqv-WC13DLk99x-BeoUNiEQiGznv9DWtZ0JiULZdpoZ7fKfXEl6B2bGzfShAl2QzlQ6O346xgs3X0KXxEAF9Bs0a_5ju631AZi3Q6lnlho0UfqXOYsNDWn2EiEfEhju-CWnMqL7ZVm4pvi3y5IFdTEMqAd_Pkfa_CsXST6ZJBAr7kvd669sW4tlzYY0NlE_IdMxPATqn3pGY9OBGshU2s9x8rip9oZ3HNDqZlZsDjIK2dxhMnODByQWZBh88mYYz51Ae82z1pWFHHqPtpqCRbbEkOsdbkOGbhijowBNausl_K7Vda9VXVthrsiAs4EzVGrWU3FZzMuUB-uivk1tzxIfDHPU8Rto_1qkX-WpjjKmaeoqQtW8_2f6D7BgGD24Znzl-QETXmZ5thmrxlpEmqGw_Ll-j8u9nTtRecpNjvL17f1bHX5bfxv9CuepNrYZQUt2qHm4K_QM5m7lsvFCg2d6pBu7Xm0I9n5akh42Dsx8ERVI1LKzBv0wAj2E3z7CkJN1Sn14ql8K_EW8orjjqPIccs02TLNTr3_P217HqfqsnUMQPeTk5N92E2Fy4e8E3abOGmSPp1Ui3kCre_ldcnmkwKvRzRlw%26c%3D460eb8b4%26v%3D3%22%2C%22advId%22%3A%22%22%2C%22numberOfPixels%22%3A%22%22%7D&env=undefined&url=https%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2Fexternals%2FobPixelFrame%2FobPixelFrame.htm&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&agent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F113.0.5672.126%20safari%2F537.36&stack=undefined&errorEleUrl=&pId=&sId=&dId=&ren=undefined
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjPHoJzmytIXXp2gobHL15bUYauYYXoONv_xoF4V2-TRYFpJfDlwBm5LjlSPMB3EOBJdv6GaR1yrhXYB-cXRS-2J4hWUB6xzkWH1kAitCDSpy8lHeQ-6PFbhW0UYWzptj9sxo3V4SEIhn5aVoG92ZEnos1BBekEr9UAR71soXmbxT1_9YxXGJaD14ZZ4DsHhe_lvkVn4BWFpjZaj6I-55r66ymJ0JZcPif0maXu_9k5JQmjp2n74PocldjAva0EUJBJa29sRq_y9i99ZVxCKyuYQClW5cMoAL6cMuEpWX5UgRVF7sSGxh8V-hKkGnD0O9sYVniEQgNYC4UWQhr5dgJwuJ89WQmfQCdwEbnEGPDVaCBU2ifbV-8kuVGrl0kIAijCZB_Bi3TV-uH3CeqJwd99ez_g5wm2uqK6vtvlI-0KedzrXDEMSmx0GdtEysxX6Pk7JudGivx1VMEpE72S5x9m29MLiuhd_YrvP1lwIAL277BCiwFjsg8vomaHzw93XI-FMNAtyg3KkBIDwm_c5_skj9mTfX7ry3ddQG1QTO7_FKc2bJIrUY5r0QCPE4qVGBuCWSLIifhoxYr2sqiiKMN1UMckopEJ83NIewDs7E7F6A_O7KyyFoi3eWuq4Po1MvbnniSxVcW6ZN1JAJ8sljXOuDpS6SQh4goGbT_hmRa41-UktD6LuhQxjEptih6P3lPMTzC9y0qJ-Md3ctL4VooFpVo-5FvdTI8UUJq9OeYnZidC1DmqHRRybW1uBCY-Aod_xetM15kwgRNCMnDenfQ45OefbW99Tffb0Mqv-WC13DLk99x-BeoUNiEQiGznv9DWtZ0JiULZdpoZ7fKfXEl6B2bGzfShAl2QzlQ6O346xgs3X0KXxEAF9Bs0a_5ju631AZi3Q6lnlho0UfqXOYsNDWn2EiEfEhju-CWnMqL7ZVm4pvi3y5IFdTEMqAd_Pkfa_CsXST6ZJBAr7kvd669sW4tlzYY0NlE_IdMxPATqn3pGY9OBGshU2s9x8rip9oZ3HNDqZlZsDjIK2dxhMnODByQWZBh88mYYz51Ae82z1pWFHHqPtpqCRbbEkOsdbkOGbhijowBNausl_K7Vda9VXVthrsiAs4EzVGrWU3FZzMuUB-uivk1tzxIfDHPU8Rto_1qkX-WpjjKmaeoqQtW8_2f6D7BgGD24Znzl-QETXmZ5thmrxlpEmqGw_Ll-j8u9nTtRecpNjvL17f1bHX5bfxv9CuepNrYZQUt2qHm4K_QM5m7lsvFCg2d6pBu7Xm0I9n5akh42Dsx8ERVI1LKzBv0wAj2E3z7CkJN1Sn14ql8K_EW8orjjqPIccs02TLNTr3_P217HqfqsnUMQPeTk5N92E2Fy4e8E3abOGmSPp1Ui3kCre_ldcnmkwKvRzRlw%26c%3D460eb8b4%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 May 2023 03:43:23 GMT
Connection
close
X-TraceId
c2f88b062f4319078a75aba4ceedc400
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Length
2
Content-Type
application/json; charset=utf-8
dee4a91c1efd1cc9eb50b0b26b2e0edfcb.jpg
zem.outbrainimg.com/p/srv/sha/af/fa/ad/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/af/fa/ad/dee4a91c1efd1cc9eb50b0b26b2e0edfcb.jpg?w=645&h=430&fit=crop&crop=CENTER&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
ebb72f67e51e428953d1881f78ab0c0117b8d5ec95ad3fd897420ee1507986bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1666551
x-cache
HIT, HIT, HIT
x-imgix-id
95515dee2db40b5c378140ec2f92ff2376074758
cross-origin-resource-policy
cross-origin
content-length
34802
x-served-by
cache-sjc10072-SJC, cache-fra-etou8220027-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.8776
last-modified
Sat, 29 Apr 2023 20:47:33 GMT
server
imgix
x-timer
S1684467804.674973,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
819597ac4fc84c750eeb59a0bd2825e319.png
zem.outbrainimg.com/p/srv/sha/7d/c1/fd/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/7d/c1/fd/819597ac4fc84c750eeb59a0bd2825e319.png?w=645&h=430&fit=crop&crop=center&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
d362bca686d216ef99f75a0290e15176be50b63b37574f64cb5d5e5a2cfc6765
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
743458
x-cache
HIT, MISS, HIT
x-imgix-id
4fa5dd6b9481f5a50a72a1e67c583f758ef23a2d
cross-origin-resource-policy
cross-origin
content-length
32490
x-served-by
cache-sjc10051-SJC, cache-fra-etou8220020-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.8776
last-modified
Wed, 10 May 2023 13:12:25 GMT
server
imgix
x-timer
S1684467804.674959,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
4e89c03ff86638c3be154e19c6216004c5.png
zem.outbrainimg.com/p/srv/sha/c6/07/3e/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/c6/07/3e/4e89c03ff86638c3be154e19c6216004c5.png?w=645&h=430&fit=crop&crop=center&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
7d749f48081229550b1757e869190b30789f4e1320907121b29345293b9a5794
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
30234
x-cache
MISS, MISS, HIT
x-imgix-id
f693605fb9bcd8b553c0ab237fdbecc1d5e4c772
cross-origin-resource-policy
cross-origin
content-length
51602
x-served-by
cache-sjc10032-SJC, cache-fra-eddf8230030-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.8776
last-modified
Thu, 18 May 2023 19:19:29 GMT
server
imgix
x-timer
S1684467804.675703,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
d2d49e8513cdf2c766a755d0ae4cd2b347.png
zem.outbrainimg.com/p/srv/sha/e1/b6/f7/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/e1/b6/f7/d2d49e8513cdf2c766a755d0ae4cd2b347.png?w=645&h=430&fit=crop&crop=faces&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
67ab62acaf584fbf6402167628b9dd33eae08210ffe2f1df97f4c76f9250c156
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
509744
x-cache
MISS, MISS, HIT
x-imgix-id
00b3b68cd8645a6bd0e0d297d9ecc5666a3874d0
cross-origin-resource-policy
cross-origin
content-length
24983
x-served-by
cache-sjc1000096-SJC, cache-fra-eddf8230125-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.17480
last-modified
Sat, 13 May 2023 06:07:39 GMT
server
imgix
x-timer
S1684467804.675549,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
d7c8ef81766c20dbbd7c2924f5067f0216.png
zem.outbrainimg.com/p/srv/sha/c2/cb/b8/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/c2/cb/b8/d7c8ef81766c20dbbd7c2924f5067f0216.png?w=645&h=430&fit=crop&crop=faces&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
19e85307eda433237eead6bc21bfcd50ec3a7c23f6bbeae846e7e8552b357552
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
798677
x-cache
MISS, HIT, HIT
x-imgix-id
d1a6edf7486cf2406f762de8f3296178de1504c8
cross-origin-resource-policy
cross-origin
content-length
60048
x-served-by
cache-sjc1000124-SJC, cache-fra-etou8220109-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.17480
last-modified
Tue, 09 May 2023 21:52:07 GMT
server
imgix
x-timer
S1684467804.675384,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
040455c116a1da4fb62abc226562b8bb7d.png
zem.outbrainimg.com/p/srv/sha/ac/f0/7a/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/ac/f0/7a/040455c116a1da4fb62abc226562b8bb7d.png?w=645&h=430&fit=crop&crop=faces&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
307a31b947870ad9ea319a34e93b56eba0d869708e0076270eadba020f0ec5ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
78163
x-cache
HIT, MISS, HIT
x-imgix-id
b965832d691daba6748b0ac3bf6faac22516e4df
cross-origin-resource-policy
cross-origin
content-length
30229
x-served-by
cache-sjc1000124-SJC, cache-fra-eddf8230071-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.16968
last-modified
Thu, 18 May 2023 06:00:40 GMT
server
imgix
x-timer
S1684467804.675170,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
7f3c0d1049505525dba528f638f954aeaf.png
zem.outbrainimg.com/p/srv/sha/40/3d/4d/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/40/3d/4d/7f3c0d1049505525dba528f638f954aeaf.png?w=645&h=430&fit=crop&crop=faces&q=45&fm=jpg
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c67b06702138ccb47705262c27f8b4af1cbae273591233386e8f05012e294c0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:23 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
41685
x-cache
MISS, MISS, HIT
x-imgix-id
def44f6b175ea85832d3e102b9b80945783028f9
cross-origin-resource-policy
cross-origin
content-length
46741
x-served-by
cache-sjc1000092-SJC, cache-fra-eddf8230137-FRA, cache-fra-etou8220020-FRA
x-imgix-render-farm
01.17480
last-modified
Thu, 18 May 2023 16:08:37 GMT
server
imgix
x-timer
S1684467804.675165,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=2538b01170e495403d1ef87cd33321a5_5314_1684467803448&tm=1128&eT=0&widgetWidth=1200&widgetHeight=391&widgetX=204&widgetY=7333&wRV=2010307&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=548&oo=true&lo=1887&obreq=1867&odbreq=2357&odbres=2605&mvreq=2662&mvres=3210&re=3213&cet=4g&cs=2&to=1684467800454.9&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 May 2023 03:43:23 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
625fc74fcac9270b68bd0f8c3199f96b
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E3A9 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 1D18 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 1218 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 167B 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame A1B2 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0701 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 6274 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7239 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame FCF3 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=51079dc2e4e6af46f6672b7391f7af36_5314_1684467803577&tm=1136&eT=0&widgetWidth=1200&widgetHeight=844&widgetX=204&widgetY=7734&wRV=2010307&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=548&oo=true&lo=1887&obreq=1867&odbreq=2357&odbres=2605&mvreq=2662&mvres=3210&re=3229&cet=4g&cs=2&to=1684467800454.9&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 May 2023 03:43:23 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
06413053df8f44d637e7b00fb7dbb22a
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AD38 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 63DC 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AE6F 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 83EB 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame BD89 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8670 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C6C2 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 209F 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0052 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 9BAF 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7CDF 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8476 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2BE7 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 45A1 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 493D 		361 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
361
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"06266b158cc1a0b89268d5a7103a27c4:1684334618.015155"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 0C8A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjO1vtFGcHDEfiA-TDY5Y5CXyxBxNNZxtPdnk185c5246wjzgPaMoX_hx-MH1aZNSH-e9mr63MKZGf8uESOpCtjA0C2kaigFXfgqViD9qLanqsRRSpWPORi_5Nm2sXZ5gdazBq1wIi_s-mMT_Eh3Ma1qKJp8inDNFw9V6WcuNTE98npygLWqPa4_sH9m-iI7j8_u_-atAIzbzw7iDsdhjxzX7JXFjOlJQ-Lgv-f5W3JAZJwqYFJ0vDKNVWbk5wrno9wfTiKDuG5yWae-ivmzJcb6exJeKRPskGq_kfdh_iYV3ScYIWHlUJ2DL2l3FyaKa50CHRoANeVD_D4huqgPYoFltE0jp7XDUANfafoBkqD3RVhQ5cdOf-7bZsRT5UoWU8SNAdPwnGJgmoNe_IKbO2zCyrnmWz31HsGCvTQ8aWoTeHRdSHevq2dj-PjT4aneHZvL-OMQzxNyjEfQ16ojalmdPPffnwSw21oiUdLFWrTyabUD9W8DqvMhRIrDX_xOy64_p_tiVhWbSRdu3s0lP2Dayh7SxGBT2iMZrcIAjabT4zzK6kb4pqU0nmt2IcxMFYYjqbRv2A9V05OS-VUmiqtI2FKN9bGxTMeVXQhHhq1Y9BIEnwmW-imFV-O0y4H7zzpHkev9Wi233aDB1EV_Pgi4c-4yM-FgiyzJOMyiu-GfacEWFGdTX4vGc4PD2KBOgpDpuPciOtkP0SnnLdTR9u-_foztED4K8QuCsdPxDe9-8FzUqlfmXAFEIoYoOMpaBTCSEMWD4rDONfwAVIQZfohv9POCAWQv5koNnRzX8AEJdqK8bws1_VcOOu4YuYVcfaoeakdrOJ1XYnEm94G5TGNObh888CPTLCuIL8mQpZPZhrR0KRjHk1RaF1s5Rpgf5zmXQguKQrwiKuarYIUOH93cgw8URu15J1b2fcPD3kEA7fv1WOFEtgtE31x5jRKmc6GgYjB9jlMWIYAR0Y2EO6STDrTEPxYiaU7JNHDsZan5aAvkeTQzSczeLo_VWQEn2T5--nuZIkrEi77gJgQdEeLJSu37x2jjuKvzaktF79D1xFr2fYu_XBsnoyDghqqAXlC6ucbme8wzx0E0WLEqLwnUCIwC_Z3M6EOfd1d7r3IVSaDNdJlmMq54GLS5SKbuz5gduUjrYDb7ZMbUiZIUjalIrbjRrW0pnoL3-va3EfzdH9bbCMM6DeZyNJX1YzN8ji7kC6hhhaSj0cErfp7y6Hmxj3rg7ev6w3KEdBMAvXGesefbtxrrkPwBPENW-jGyp4XOySlgbJDn3bTzYqc2kXLEk8JOPw-3ymf8pfqYT8Mf9gyMVupJwhxU2bTzzEQemFeZWeosJxoniLQEbvZVMvE_Q0eo5jsrTW9mU_5_-JDYKgTwvb_RV2BUmJ5kE2SNRug%26c%3Da5bbcc4d%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E3A9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 1D18 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 1218 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 167B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame A1B2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0701 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 6274 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame F348 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V5J-YQLhMRuFO9okag30VBO7XY-lFg_I6ye4OpZ_ugVw-2qAy9UOU6GS7RiwcZB5bXbkUevyROumSxmH-8Z-jHpX4sGdUbKkLKaxzMqSty4WxWCH0BarJu7FhQVpx4kkYGGqh1l5t_TwwYdY6hwStWQ0EsdwgyPlUWDjbbFCfkapl53Evl5XVDkKFfE-BLoEjCQW9ov497-2FRKu4wyM-8CLhoW_TDORj8HgQmxlToUGAcnn-MCw6cEPvPl0W005jOYylZSlRND0Ygp-dZjDREXfdlDwOwO_bjseE7juYR3mP4e1NSzCoAk9PrXLA0hz5_B2KzkYChw98nreeWSmFGzTQtfuQKaoLxQV7nkxut3PABLbJDJCCdIR3q5qvl-vGqvDyrQU_yMeItnXbMCNZLBoCMaHuPJDGYOCaMyY7QUqYHI6WNX-awmjcs5bEI8BuxrSmNPZmYL4XDGxQ1qGwUeDvfzeGZjhO1MEtVKx0si6EmojqCbaY1PHuXbaFBn_U-Kfjs7jPAu9hEr4YraQLAV8wrnWmUtHP3JSvjRtQCiWbguJrz7qwhl0FVFI82hMMD86wFScjiR8xtjgPkJ0F8S0H9qVkOe52OynESL-r_GPDPND1w9Zy5j7865cf5LobMCOygWXd1DwyN7gyCrnEPMoIX91c6x2sp68RjSRD8AjiF6_bCj_xxhHZ4kCpODw_VRp7Ym-IfH3YujzQLEeRGZrvuCC2LBn5yeU6eKWx9bp5xnk2yyGqW-aJFJAoeiQBA-_PAlJMk854hGx1MHU3Oyba9hvA8D4wptGsjQxOrWspGRg4MHQAySbwmTGB3v8gjdSHxUGQZqESXvJSxV8251Ke7rkf8e21ulIWffpAj8Yd97_PMQgTyk0nnyWRzuEdCBWmADNEYp1q50GmuLwBFPOFBSmPNCt83KgNDPNUTuqdOsqOAZm8Rqk8TxnqCQsu-KRIL9QhAxTn0c6Y4Asr1s13fGfRimjdBcqPcznH0s848tLpv0D7Rasl47nUPoQ6yIesuDnc0ElRuUtwXziy4-YLdfpwow5vrj-S7R21oo_c7Z3Bg2E9WfZEN5LswcvA3dPyiVGvH9VcV5AqBng5n5DwHzl4kFgB6T5JN-Cc5AxHJDsT162q_3CbdxPA2g5jdSx8bHOF_Ianjno8xtU15NT-s22Rrd-azpWqDyJyTuJq9xLdB_ZqXCB0tInvW4fhpqEFy0fX3YrfnrYpUPfDA6SMoca8FodjFjSsccisfmeevzc6CdAPsUF-KWLNTgUA8etI3z5QlCKBZPZA3R2qPctRf5kbwKCnNgGxygs0x8HOS3crLHnyCYTPCPlO_7nR63tgqfmVO-CUPbJNvBuMHhYVrsVs0Wt-7tJW1ZNy1wiO-19wxfk2R2IjbaOTqFce4GpOZZmEIf9TdV5ICynuZ9ib50JzWO30Hba-Apxj_14KOxqfAcfvSqYHlGmqYnCHStDszqMY5C84TrDP7-BMR7TtAmbNuHjB-w_r1rxQKI0HNUB97HaVHYpIYH0Bik72HDxMiwCYKfe8JFNgd778W4ISv31xUliALGGVqyCFQCbK2kXkmWTcz7q9MFnFqhygA%26c%3D43513145%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7239 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame FCF3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AD38 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 63DC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AE6F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 83EB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame BD89 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8670 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C6C2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 209F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0052 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 9BAF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7CDF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8476 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2BE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 45A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
obPixelFrame.js
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 493D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
content-length
1004
last-modified
Wed, 17 May 2023 14:01:32 GMT
server
AkamaiNetStorage
etag
"93810123e74a13415e8cdd22e8c62d31:1684334618.682432"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 19 May 2023 07:43:23 GMT
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
amplify-imp.outbrain.com/ Frame E3A9 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPbg84S7sBfcD9DNJKjTwS9AtyClyFM0HZAMjCkZCd_vrjDuEFPSVPBqc7R0WuKTlfXiBjO6MUretnyd1vFfqjT4FBz3Mz3oKBGTnG2rBnCrP7XZwaZHNSK_xWNKDRzLCZummnRBOIfi6uqUTvNrvhKy_lom80DvjJC_EIPYl1IT5yB30fZppF4mI4YEivASWTFSncNd3-JGkkQz9jeO5s_5909mRu0sI7eeTedD_TXyYLRRAM-cRsh7dPnHoCkYfhrr6ga8jM5_aQuCeavVMm3pSHxe72y95NOKsN2a3e9CYVFwG0kiXG-PThmZmGU-qwxF2_l72cV_hMutnEGkLXOtSCwwcs4ynIe4MV0FKvQyQXO0DwoZPYTus7YfQW_b2omF4LnD6qhHty9_-KXKS_XDpljLeP_z63uifQLOU_Cvvh5wv4kTBNwGIWDmVnTgH6Fxe0Q8wmdCxEy84eEQWn4mdsvpTxHVm57AcuzJYsZyheFL62djqZ7oGoi2TQXrGFv4pEAjYkFuWrgNjCj9hkMPukhk0iE48U6E47PElLHYB-tCPvgGXPmJjqHDVq4kksGiEiB2rm1625gmuNGiZvg_sHwhzQwrGCUQGHBzjff3geB9UsN45GfnsiHJDvxVSi3kte8oeQE3thaE34lnoCHTazhnEuQ9zpLordLbAsu3MXWVJWWPc6MX9t2bobuaR-lKcibzAkopTnO6VtTQ3MxTZGuaNuOMJv2SuyWCyy6Or9xGSHaqrBS0GlJbOjwtvPN2XM1ezaIpDNp9vmDXkMW1R0PhRcGLY0W5PzvGG0VrZTbbemIVFNc21SUAAUylyzPMS_uT7X51XZ4IP2pd9-ezhYdISjIbkQiBbyVPE8-j9E624LZNK6ay2aXSUkfPlIVcD4CSmRZ-U1yXbiQmIWcCISL_09Hi9X69RL3XumIpwu_7cpYjI-aU3NrnPcYd8lk1prO-Qas2JUsGtEByMIBqA3WpNXbx6ntgDND7ZSciUc5U9mijVugj_zaoh6jJ0J67kx2TWy3UlNV7Ajv0Mm-eCcNWo0wFGNEtjUasJyI8bUp_AzMua79qx4PTEUsTvroox5j4xL5YC-_ZrQW4zQb2bp7M1NI6YYZ39YWRQWqiLDjcB6LlOwCQ9dlzh_bDNnF6T3PYMBmogA02A5E7Ch1v-ibP65koU4-x7N37cn9_zp6z6jvoF99z6W72MiP16sZ9xT98SwLYytw56qXxIDaQposDNOOrAev4yXszCH7q9yQwGj4txk25yaAof8Sk47A0_KmACd1QiCUOyAeJIYU45kurw7ECkdXRhlzjMleuQbLqN-wap1af6Hetamzc2c0Lwytqw6WfA_G1HFETV0Er-9hUcoI6GRBsnDTFuWW0u6PeYRvg-9FYMt3K6njH5yqwAaRxQpN4PrK-HmT7a1Lw&c=e5cd7fe9&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
68e52a1a025748441705f4266b017f9e
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e0c2ac8-f5f7-11ed-811b-f9b4293f7415/0.017874/W7EC4F7YGZPVJE63HNK5UOKDXIIEZIYVWMZ5MMFOUQQD7XMJTNITRBLJBBWTZFXIDNQ754MO3AUGEWKRSFPW437N2QFJEHFQ7KNYHB4O3EK... Frame 1D18 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e0c2ac8-f5f7-11ed-811b-f9b4293f7415/0.017874/W7EC4F7YGZPVJE63HNK5UOKDXIIEZIYVWMZ5MMFOUQQD7XMJTNITRBLJBBWTZFXIDNQ754MO3AUGEWKRSFPW437N2QFJEHFQ7KNYHB4O3EKRQ2JWYZED36G7LP5AZKZBSBFD7RT4RQJZC32XK6BPAJNACWMT3V5I47O6DNC7CYWEQMBN4BWSHFICZO5RYD4LHCNQRCPKA5TMFTH54HAONSOZYQ7C4UYPHHLD2EX5C3I5LQP3CX7NF6KHFHRQKJ5P6WNHKTOVCM4WNSOCRTKEPTL2IM76IJ6QKTFVHP6QLVPHWC3ONTTPTP2645EWMN2WBYX7NZFEMMWBPS2ZGRGSMNNPGQF2GRP6BOVENWOUZAQ2BPXAQ3VELZP5ZZUHWVPKOKQUDRDO3IPQGJ2GGKLMXYUBCT6SRWMGWNHDBWGSXMTUBAP2YDE3PVECE2EUZHTMT3DYXMVN6PIO7GKQ3T3MHUKFSL4UL3TGGROBTEFLJXAQVXSBLVD3KC6JUWKO5IN62CBYHQVFSQRDYLTI7FXJDCCAUDAO323A5BP6ZYOTDOOYMFVCE6MQBKRP3HKQGB4G/?wpos=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNUI42TLDE7BCF6VP7HBI2IJCBU5AS3KJBOEIZ4P5Y5NEHXDK7B3TNYINPYDEXUEDV5DJEFBGQ6RD2AWYPDUUKSARMECDLYW2OZQILN7GRHRHPHHOEZNGQI2O23W7YZ6W6742RAO26ZXYVUHABG4... Frame 1218 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNUI42TLDE7BCF6VP7HBI2IJCBU5AS3KJBOEIZ4P5Y5NEHXDK7B3TNYINPYDEXUEDV5DJEFBGQ6RD2AWYPDUUKSARMECDLYW2OZQILN7GRHRHPHHOEZNGQI2O23W7YZ6W6742RAO26ZXYVUHABG4BG6HI6DB5F4N4EUAGJYHLK3PPZK4F63FJDGWYTIJV6KZHDGXFZUBX3SNSX55DCIN73KOY6JOU4243BYJ4LW7XDLY2D2SJ7FZM5WWTBZMGPW5GY2LMFPGGH32YC5GA4RPFQWZS3MQSB7NH6IZJLJXXV7KAUARJ6KLY5GC6R5JVTNHUDRSIFG64HDXNFNXKUDPI7CMCMPBI/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame 167B 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPmHmjwOUBPmJLOEbT9H9WJhk0wnQuvuv-gQLc06TybSR_OLpjCGVWcjBt4ZjA-JoB5jXOOPEBd4N8vPL2SaGUsvBSCeLYgvrGiK1XkCGvcATn8CpptZrRWArsED5cTPIVe5YlSFW5p88z2pGaIYXW6ic9FgDiYU1PHIT4OPM1dJu7Eh9oUn1Ny4Sgj46k6jwTXbJB9uyw0u3nxJAIeoVkMziG6ySlumPv9nyPZF4z79gL-9dE9skYaLlTVDXXgWLlgYz1EjR5CgcRvdkbGLsBb_OL9JJ5DicPVTV2nE3z0mo1vmZ9zDVKaIH8PEyA7engs3qWPLKLiKm-aib12OfEolZ0ceYdwSu9cJFae1v13Um2nNpvI0yb0nxy0sHPUsv2OOcF_0ooRexq0TT_zx9F7ayGeOmHNiu0wrXH-EF3-NwlPOuPsztUeMi81AWwOGsId02ghY2xoF6wFOcmvZ1sjG1uOb0IR7S7h1Vr4Jmd2saxZmT8q4nbNM9cE_RmKJ_ITteuQsHyTTSrSuEBCVRx6W_SkM0HxuJ2s5YGNank-RMdmGmxOsk4mRw2CmjaNqK-_lCQmxVAlvjODL6D81GGwQrNlsanAflSyawz6dgdgPswPwMYSGEGQsKrmrxEqmCQKX8moLn8IaycSfF1aK0YDyG4hlH-3rkSae1zdF2BDKxHnx6lUip72n27N0uFMWOQWWHPVDvKgqBxFdNDoZnhA5c7Pwuj7eIoghI2WaiFyguFcH5G_tgbF7z_M-9ReMC_Mzp05fJymCB7ap7kwOcaX-YGgokKLW0iPMTm2Wmrg0g8ZQHin82OjfdN4_lS6XOHpe721o9_6EQxmULF9MBmjBgNdSgfNCgeaMQ8G6xZPGC4rmqZ0mNf0FrDqzLfFtxGPzRpeWHHVHRl9W7yRFjKAWBN7xSFMokssY4jvRcroMulGgb128uUVpIsTVvTN3qMIKGNlSOijRMTUFVyGVI25MpY-jUm9NFm2sM3ZVLmbaYRIHBJN512nX_cnFT0UwoRB0YeB2UzIGivQ2kQY8RnA6Ch9PXxMhGncOGRVn0zHHLa_p20H9jJ9CI_qd_Tjx3chH-JTiJK3XtVcdTb8Ao7mdJEsqQMh_YnlxpwyxHjogZJI9ryBKmHxxnSuwDMtSH8XVTyNnkCqBpKg9scZCnLOlfYoZ4Lbr7J--NVmvVE0XxogeGn2nxktAV4vQ0OCZcKkk_WWv-kc2mwognUqWKl1r2pgRDlWnDIIg7TTcNQtTcIj3UGODtzFFnOBh8gGM34lvJjrKt1DAwiRFc53xOLa076sW2XwJyW_AltVlLHbAWb4ZH9N9pD_6pHljax_KyLs3V72IuKMTM1OQV9UJxufDk1pc7hSV1_TU2pw3ygWohGfLiXMyeg-AJkW8xZwn00ZzQGUqlu8OQsynDrSiyvLHaaLnLnRavqv8gY_LweHi5je3QC4_R2Qc81NajRLR6lUC_nPKhk3wDx1bF95czT72tMJu7eQ583pL_1viWtthc&c=2a6b154a&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
32048e985a340615ca154e4d756384ae
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e0c2ac8-f5f7-11ed-811b-094e1969a315/0.017545/FWO5V4GGCD4QID5I5Y726KR52UIEZIYVWMZ5MMFOUQQD7XMJTNIZEPE7N4UT42ZKX522WZ6JXVZACQ3EPJJKI4ZA364M7ADYZP3FZBQLFS6... Frame A1B2 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e0c2ac8-f5f7-11ed-811b-094e1969a315/0.017545/FWO5V4GGCD4QID5I5Y726KR52UIEZIYVWMZ5MMFOUQQD7XMJTNIZEPE7N4UT42ZKX522WZ6JXVZACQ3EPJJKI4ZA364M7ADYZP3FZBQLFS6LVOYP6Z65TKP5Y3TIO6DMP7AMTHH5Z5MJ6YU5HZLZQXP4KRYSBVBAMWR5SAX3INT4PXISAGQIJUVOYMLELIBECOIABQIAC3VW3ZZC6DQKO5IGVLNTI2Y3GQROI3C7POXXKTQOJ2XPGL5BLFQ75SZXV7JLNGRDFLBSOI4T3T2TKP3XHK6RUAUBGQJ5JLCR4AONBTZ6TDVEPXIWY3VTWISOKCRXTODSQSRTJ3OUOTEW36LIFR3YH36DQES5MD2LKTMRDHL4D36IA27HCPBNPIU2F472Y74IXSP6HFJEMF5L3SYRZ6ANNTY4D4WWFXDAAAYBIUCKW7NMGLQPMO463O672LY4RWUZQXINCI6TYXHCJK7SXU2BZF2H5E5DDAHQVNOHUW24LMUMAGEAFETT5ZFI6FQH7DWSSXT6O6CQOSMGVVYEJGDDBD3VBLHKUH45YOJDEIC2TUE6QX5KPKZ5AEJ7/?wpos=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNUI42TLDE7BCF6VP7HBI2IJCBU5AS3KJBOEIZ4P5Y5NEHXDK7B3TNYINPYDEXUEDV5DJEFBGQ6RD2AWYPDUUKSARMECDLYW2OZQILN7G2BFYYNWCLRS4H762WXX7ND55AP42RAO26ZXYVUHABG4... Frame 0701 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNUI42TLDE7BCF6VP7HBI2IJCBU5AS3KJBOEIZ4P5Y5NEHXDK7B3TNYINPYDEXUEDV5DJEFBGQ6RD2AWYPDUUKSARMECDLYW2OZQILN7G2BFYYNWCLRS4H762WXX7ND55AP42RAO26ZXYVUHABG4BG6HI6DB2IRCJ4KQJC3G6WBJJOQKIGIKJT6CDA3ICUBC62JUPKXCJO3NZRVBIWQFRMVRBHBL7BIRIUC7JNSYFOERBWU47MOG2LJFNOGRUEWRDRAFU6EAWYKZPRXFOTA2JX5M7FUSP26TIVVLPMFMMRD535EIIDK3A6X77NQWYLLSQDYDHQMSEVRFJYIXJQCMRCGUM6XLA/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame 6274 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPbg84S7sBfcD9DNJKjTwS9CCBQAL_j0ZiLbSP0J5Z4Pp2frgtfYh7p9fAoebifuef_Vkrao_HuzgqWwt_vEkd6c7xrZurf6sIpePVoqUnBETpboH8lKWw-eaTz2J_zu5lp9YrTRJhD8yHKiCzx1r-biBD8Z99whOe3Jm3vZPtamvcS320EjhLRQWtxXPwFAcrzjh6V6jb_-F_LkSh00RXytfOzJb9zmHq3CmzB5qTf-Q_HwYfi0YJ3sC2rjJUkzph8nO_PS9yjHg6pf0XceN6pLIJEKwO7vdWEA3wCnJMSSH8foIuyYeB6Zt1agSVAlfxvRHAlyvhZLzVqemGhERJbomx_wLiYLz213_C7ehLoiwEjkZMkfm5CQY16MEvTCNWcMyN8TIv47twRVzrQpz1IKI4tq9uZV_Kj82tYh5QGnVtxR-ENUq7vfW_-A8JbVJM4oeglSr_Dtw1RHqnttcek-4tR8k3UNgtRaZU2FXZQWrBD4Aucb6WJTFNggHhtViY9lEVT3BQ6-3Yj0stPHTojtJLC6WFdvKe3qe5PGg1dorJiRdI7zJfGnWW9YbbDNB1wuenlVmTYeazLJLIjp_dRp7efmyCT8igOl9SeE0VtUvAnZSxkCU19x7-bVDJZRe_OLVs-n9soX4BEgH4flkAx2gs4sitSwKqZMLy3aXv66yqPB9fi7expbjY7eVqoXs-RnRCU4sL7pP1n-pHi4pqYznMdyZSL5PdNLbgPSLjuO1UX6hWp_OlOUfTdIoPj3LlgiTSgIy3As-amTKCyb1Ug7ewC5nbaPzDSoCpgmiuOIk3zVico4K1A5Pn0PQsz3rf1ajulsEgEJ_5SR_q6MPsXCxSLe8akKrXkjZvejOHSovtvypwiVEq91euvFXqKburTyDE6xQc1ECxzEtrGyH3iRnX6wWTZMa8QNBKJro-44Fd3r3o4zTq5LWgKM4khGBXDNmd9bWJmkk1IE-D9NQY9OCWDjaN_JFaJmCpkhKhiEYndJtujU6AAyEdUdfJ0_KD7m4W3eDpj5vq_TEo18_meAITzUgtWqFVq-kuxzNJVX3D-D-HCtSPfotkHQGQUzW_CWgjGrp-k41fzWlbJEANYEBgTOWhaKoATluTE9lcBtdBTirPx5HwT1HL9dR_LQjM4rB_ZwZ-c1CQnMY0sUWPXUznZjXKwptZqs9-rHt_Y2Sy_ajKRbqKVBsEHmjzjMfzhF_TVTzGvqWoz8oYt8OU9TaFgSAXZ39wpU6bBfOij4LF_rULgRmdKEJOrnHLnhCepCZ5V5fhlzIVS3MfM22hn1MIrrkTv5MHKw8yHT1y30xprPkWV-YI4E9-XifiCrf7FxDyUtophqN_gDvI7A9qjliCeLk7Mkn_kU1nLepyG1RBv7MsMrYedh2EHgP0ETUC0OMDdJdDTKkmeNLtxnHNXQ&c=8a82fe97&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
ecd55352a160dc092e1135734616d54e
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e0c2ac8-f5f7-11ed-811b-bbaf09058515/0.015448/27EYHZENDVGZLJPWAFDJ5S2ZY4IEZIYVWMZ5MMFOUQQD7XMJTNIUVK7G36BZ3PH5R2HM5JMEQ2J3Q6PP6SZ5SVQJVZ372425P5CY2FCHQ7R... Frame 7239 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e0c2ac8-f5f7-11ed-811b-bbaf09058515/0.015448/27EYHZENDVGZLJPWAFDJ5S2ZY4IEZIYVWMZ5MMFOUQQD7XMJTNIUVK7G36BZ3PH5R2HM5JMEQ2J3Q6PP6SZ5SVQJVZ372425P5CY2FCHQ7RBA546XYLWPPARN2BMEG4GPX4HH5Y3KWXTMU242YX2TTNJKPGEKLWIWMIHMJ6ZUHIXNACSFED5Q66FNDKHEPAULLPKQK7UGVCSQDYK4WJ6TAU67SGMXZWQGIQ7D5EBXTLFDTKXFOSFTOP6GP25NDN7ETQCQF4Z6YXWERBB5IAX53NBCK5ZV2RMWTWFR5QMS4VYQW7ZBUIZUWIVO6STOVATERSUHYFP7ALNGXBOV3L5OWEMOLWDD2TU47REHJFISV6CIWO3SGRO6SEIYWOWGOYAYJNFCPPDA5QQ5VJ4TO3GE23APCIALWYSV2EDAOXGUINFYNYHIWQUGN52SQTCTOSW5SAMYQFGGLAPR66ZSKFA5VB6FR6LAV3LG7GKTOS5PYKYVO74ABZWG665T3MNXNYMQW76ENF4AMV6XF7HQSOT7WGOWEPSYU6RWTKNNHVYAHTJDPAXUQRPJJ6PNBO3KYDN/?wpos=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNUI42TLDE7BCF6VP7HBI2IJCBU5AS3KJBOEIZ4P5Y5NEHXDK7B3TNYINPYDEXUEDV5DJEFBGQ6RD2AWYPDUUKSARMECDLYW2OZQILN7GSNJIN4EHK2GWOO455LBON3DLIZ42RAO26ZXYVUHABG4... Frame FCF3 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNUI42TLDE7BCF6VP7HBI2IJCBU5AS3KJBOEIZ4P5Y5NEHXDK7B3TNYINPYDEXUEDV5DJEFBGQ6RD2AWYPDUUKSARMECDLYW2OZQILN7GSNJIN4EHK2GWOO455LBON3DLIZ42RAO26ZXYVUHABG4BG6HI6DB2OF2LQAVBPWF7XJPKPFPTM2IS6YVAUOTTCXRW5CGGBKI45STTSPNDCIN73KOY6JOX7MVXJDDJU5YVDLY2D2SJ7FZM5WWTBZMGPW5GY2LMFPGGH32YC5GFCERLNWN3DCZ5D7LMFXAYRDQWV7KAUARJ6KLY5GC6R5JVTNHUDRSIFG64HDXNFNXKUDPI7CMCMPBI/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame AD38 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIKmt_i6WIz32h833JdMWqispUzXX-wObvG0T1adf1vHOYNlt40-UPLq-l-4EMTCxyfC7ekJbWyx4T5JkbQwtzY5fVSHLjFUNzcCTP3MOyUsktg6cbwPKj7sdu5cgl7TUOiL9UsytJEfzlif0eTIXzIuTeyoZJ42gAZq5KczKCP0ez_wNUmeje6G6aVa4_G9ZIjUcFFcNj6Kbh08Vt-u10zwm7ped8pZxvUDZAwubnPUAtJx6F_up2zfnJbULnVrpViVaJZvIPdGYeNP-XyvOw-Xidkw2tRnZjlZr2volqR46e4AMS3yqwA8AZlOxaKcY7kCOkCyIkv3yLxtBPBmsCvRdpzfo6f5Sg9-pcZtt3UP_gltbpfWR5qWh7-qgAtJh58PZQXhP8T1q7GVwOrDd-ee3o03Kk1qWNJYcTRVcT27FX3doV9RwKnF46O1oIvQ6CBqnXUuUF2prdIIx7c6-DT0kUNZA7ym76vaQubiwZjsUBT1ZpAGnH4RBPD8PgH4jOz52VhuJlrYmWw9e6pHn3wQsFwLgpaItAWO0TObhL-RfwU7eNgeZyAjVVD0Rq3FQsbUCUKDhrneaVrmgJh0n_sRiAot-gF72ipaGr35o-SeGVYz2lmB5efKv1hFnGQuWrmx7JGNyWlB9_FUnsTQdYAqOPQZl4LEZKVIcDG3SDF-95xaPPHISgMG_NOjjlApWCFRkqtTeZPMhb_vWLmAEz2sZW-P6zdIei85Fq_LJnyPFt84A6KhlK1QRdooWc5-HzJaWCwDs82fqducopOeehu7ZKFraoHljo3AEVh3yfOulOAU6xhLgAypFCsm2KdP3C853tu8kyWSfmO22CXqzaPnzB_tvmZtc29Ccgya5n68rkmde_z9YAsZ77RpwxJSQOMKxNmOdfv8qAlQeo6l1AvTe2ZZUwXiivnNRHfC5EHtyJJK5m_hQpfurM2I1aXxwHvmxE7j0ZdQ00OK-poaMlRgN7OeOL48CN8uqDW7T_dNfEitELyaZ_p6bM96uNYxgSjuzBDEuFZDJLi46c8JUu7PrEvpXptV5wH8hv_j7AEa3Hy6vtwUHHZLmoxGFDrdRLPu7lYyVUoN9oUXitSzq3TeBJQM5WCbcCL1NNlA7JVBFNuE3Afo525CLkZrT710FiduMHboqIt22olQUOXS9oagM3uLLuGOMOdw1zYer5SkRitdNUkl2tKsFXwHIqiyZOx0qqjgO4PvUJIsurDskAucEK4N66isn5V9K6rvoSqAkTBjhzAu10oTHJIU7OD7c_jlE8XUfkV37c2mQRbM4b5-gdZmxzw3h08HPldQwlzp_2NNE1sOMmH0ZXzRw5I49wwRx91EU1KPdbC76i3nll4N7OKgBIXG4T9vtKRLVmeDuArYRnc4zN8nh6B8p8JO4wYTSTzNX0szPm1y1q273D_A&c=29f925bb&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
eccaab0aea35898aef769293c2de1f5f
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-23074978416e/0.015679/FWO5V4GGCD4QID5I5Y726KR52WOC5BZ3SO35B4NOUQQD7XMJTNI7GP7BIA5A2DM557T5FU7HGSPGY5RDQE3XEBHDSDC3RXKCNTAKQKRLQP6... Frame 63DC 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-23074978416e/0.015679/FWO5V4GGCD4QID5I5Y726KR52WOC5BZ3SO35B4NOUQQD7XMJTNI7GP7BIA5A2DM557T5FU7HGSPGY5RDQE3XEBHDSDC3RXKCNTAKQKRLQP6VBY2FY3SKZVCQ7HDWA6P4P2KUQ5UKP7LP6U242YX2TTNJKPGEKLWIWMIHMJ6ZUHIXNACSFED5Q66FNDKHEPAULLPKQK7UGVCSQXG5JYCMC7BUCWGMXZWQGIQ7D5EBXTLFDTKXFOSFTOP6GP25NDN7ETQCQF4Z6YXWERBB5IAX53NBCL5A6PFQEISBRMCRBCFOYR4LQBBXCEZLVS6YL3OAKCRXTODSQSRTILWGMOXI25EUOV3YH36DQES5MD2LKTMRDHL4D36IA27HCPBNPIU2F472Y74IXSP6HFJEMF5L3SYRZ4NXPPJBYA7RZR7HTMVBE5V3U2B5GGU5HOYAEC2H2LY4RWUZQXINCI6TYXHCJK7SXU2BZF2H5E5DDAHQVNOHUW24LMUMAGEAFETT5ZFI6FQH7DWSSXT6O6CQOSMGVVYEJFNIPXHCPCE7BIZDYXLB23YCL7Q6VW5JD4DYQYML/?wpos=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFLL3LRE5UOX33RYL7ZC6BCBUP5H42RAO26ZXYVUHABG4... Frame AE6F 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFLL3LRE5UOX33RYL7ZC6BCBUP5H42RAO26ZXYVUHABG4BG6HI6DBZ3CBSPKSRZBMN2SVGOO74KU6MQQAIGNKAMYH57BEN6PIVV3YORIUSRNINGOU6ADLHP3YLWM2E5MCMOERBWU47MOG2LJFNOGRUEWRDRBT6S76JKNPGXSP3WGVBCCDVYRLGF6AQD7A6D5LC4FVSDACD43UB3TOZNLUW2RA3VOFQTCDT4PVQQ2HCMCNJ6MKRMKVDAIUE5YANSSH2Q/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame 83EB 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uDjf0pIdj9Dd0qsls9UnlOiEIaiMYoS-BVWWm8opLIjV6GhAdxdZ0Q46Ew49diNjQImIHeOVMex5myaxdmJa19UqfczdUNOIHsclYSG9WNIYOq1QWrt0kV-T_iHfBCT-Y7rIpYog5UX1AyrM9QFCTVC7XspxUc69k21BggkZknQ3GOMB6Mk5M3Md__RtTgnc2HAB36jmfVMU0Z63ZCDLhNAU-bXcEECNG_SyP6vDf0D61hsIhcf_iotSxq2jFzBto5D0PYobldOX8hu6ylQh8CKDIoJCMWLdYC392MNmcT-T4tgHKqegwQG8M69CXAT5uCsuOUChKPkZm52WZnebFae4fK0Y8JXUmOhf1q5STDpE6XeZMTEq2au-WkfMsi74f5mOLAQhnn0LJzZq7cakJiPMbfwi6_MnmSlg-hEQUAYIiaz73BLvMeZVVnr1OX8RUWOsFSgUAArPGnu1ZKd2QdekkJZQYT_6qGhOqproJLx_DkG_DcD4SVFBCPXXrnICPPzAaDIYFltj1ji5s_5-ljSqAC65TmmGXS3kUllj2mYIijJG1klhA_95FMPa5v3q_Wcv1jJdF3AI0LhCe6d1bM11p1eEVIr8jp0IcGcpDmy3qWpT_FikdXfXPI9qNneKglAQx58FvtKt22cY-9a307EGWbTjmCORch_iszm2eqUf-oAwCI4DFXJRqzQ2aj70sfSrPTFOAVmTm3Mx8Lv-A-JWH3NDgeeRExBpV3eZI6KB3brrM_J4ULYgtpw20-BDN5eKESQuWAm_MbCtXPMATKRxPEcraIzB0sT6PNv71uxhRPlglakUY9w2qRFEJ-4LkwRuebRBVz3QVmb2baUuZ_TVDWI4H_G4flZeTYgiDdllnOmI6Du3NVSMmziqF4NYRP8dHNoKorFFQJQsOX8TMVPYAkRwQ7w6eRkW8RNkGTuemWUO623PLWdq8oCP59hSAUTrVqHYg2Vh2rlBecUe7PSeySCn4U81Hu9Xi-Mkkmx-HdIbZ_CgT28oauiz7FaOZZR3LDpK7jnN4UW3h-Ghyod1lln6FOSvUtsLiHDIf91wmILaV8OW18zJkuqrnyw1-u5EVY76dbkQ8rLic-K430XqiKEXRLEs1jjToVwGIzdfTEiD1oYDxO3K8M3vR5konsjoc5egQw_x9087KwLYdOgpMOOJqbdzhpxbt8MXB2ewNObe7ZhkJ6tKE2WO2lRxA46-jUHGFOZYYnt4SabZPxAez_HanJDeAQB-FLCcZG22sReki24iGcBx8WxjB6RFy2uAlCH_zyru7iwvMXhcR5LC3GWezFeXL_JSuetZZjUPbzIoUURg_duRLGMOBVv73rbP7ndZ0HRO1x7z2LyPxdupJeHPLD4TvjCjZPlLfWzoY_5RIn1gC_OJb7E7wTzV_A&c=fc955886&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
1ee73af63714d420e606be30c25ce854
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-78aface3f76e/0.01363/FWO5V4GGCD4QID5I5Y726KR52WOC5BZ3SO35B4NOUQQD7XMJTNISSAKCEDKJUTTSBJYVS7KVXMLD76B54J5NTQYLUUAZL5P3KWSTQQDP4ZUT... Frame BD89 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-78aface3f76e/0.01363/FWO5V4GGCD4QID5I5Y726KR52WOC5BZ3SO35B4NOUQQD7XMJTNISSAKCEDKJUTTSBJYVS7KVXMLD76B54J5NTQYLUUAZL5P3KWSTQQDP4ZUT2PGIYJQEERQA4XSHLWFDGE6XZCAOLNI4UU242YX2TTNJKPGEKLWIWMIHMJ6ZUHIXNACSFED5Q66FNDKHEPAULLPKQK7UGVCSQXG5JYCMC7BUCWGMXZWQGIQ7D5EBXTLFDTKXFOSFTOP6GP25NDN7ETQCQF4Z6YXWERBB5IAX53NBCL5A6PFQEISBRMCRBCFOYR4LQBBXCEZLVS6YL3OAKCRXTODSQSRTILWGMOXI25EUOV3YH36DQES5MD2LKTMRDHL4D36IA27HCPBNPIU2F472Y74IXSP6HFJEMF5L3SYRZ4NXPPJBYA7RZR7HTMVBE5V3U2B5GGU5HOYAEC2H2LY4RWUZQXINCI6TYXHCJK7SXU2BZF2H5E5DDAHQVNOHUW24LMUMAGEAFETT5ZFI6FQH7DWSSXT6O6CQOSMGVVYEJFNIPXHCPCE7BIZDYXLB23YCL7QS6BIIFPIK7GTW/?wpos=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame C6C2 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uL3JUzvU2mECQlt1l_563ZLBZCC6Kq5EhGle2I7frcmIBtMioTDUwi55BbpSfxWSLI0yzLmuPlNQOUPtYxDDRI3Qm8fJyFEUa_0Zaz9-wUzq-WVfcRhMgS9AXck00pzhRWv_pMr13WFOisWcaE2ooCCSNkVfnFRVyfYzAchtYhpj0PbgbyCe7wNKY-Ow92V4FKxkA12RriYQBp78ux0qDlJ8kUlK5GDSNJZzfOuPDHOZl0juFNXUjc5ahaT0mOkMdvs8PWtvdkr0U7utbWhZUFc-ZPQZjF7isBhy_4tZ6wy-AhwAR3joK-Wtu7yqn2R8Kv2FD8kLcuvXEiucNHXBCNCZD4nUcqTD6Gy70IoVb6Y5Cifp2pKvicGLV80u1h2-m4C6zALlgt7H5SnKx4y4YMi_BoO7f_z_h_gYzDbsfvdP5l5V3_QMdT5xif_bbhoyxfRcLB74fgh5xFxRAEPadVWmgK3RwBMRZY2alWZd8pobYV-z6UajcuKP3Ae-D2_O157s7UVmOJZQ0krNNpY8zYMk5TPir7g42ykKDsx1Hd2_hj4I6f1DumOKR4md7gC6aX4FZIY16y0FPMfbuEj_Dozeks-g8zhstBafyHw-R6AMJKap09II_an5z7ZYyvyNsK9rY6nEpWJz-D7Uy9vN9ABFWHRdhwI7b4YPRw22MvCkW585HX9OihxehiLAcGA0Jh4AP1clJa1_i9WUuoDOd6QG-TiArE4wiDXJT1lh7DN6VZc3xVrW5PGrPLSzrEbHQn7_7u2XlV1x2CeIwTUtyvKyY416SXQMVxVZBk7IZK9eTudIgnbwfPpWmwpxdGFC9kLHNpIo3Y6tg_bxIuST_O3-XYe_CgmeHQuK-VDhWshBYXwtmaIssShUgRjKCMnwEMkKHkovNtJuGuAnyzKYb8DvJwElt54qz_29ivcK1RmnSUHv0OKoNHp9ALDpoFIrPbd71O9jH2n4F74WsoGQT_UzxHlPF3kWrAzT_DmU3uT_bbXDvHFgkZs_Oh4klFJ9AsLuGIyVixhC3ckupSGhwz0FqIHPpwr6M_pyQLdC49CESeG6zkAeFNa5865yOq3nQTc72zBMNASZcLZHNQaQeKT22AQYotav4_krSShe7mU8o90Zb0X7WWtSp3hcAfUveu8YU7qCigXTHDJQtY3wnI9cpXPJC5GXj0C-QZQm_NnryX7OHkKcw-WhA4fQxc9QZybAlkQFEek0ZAvuWWbh8vm0uWRlkkcpGTJP3kab98HR6oab_UOSGF0tBB36GLAECcrQV_OA8P2PIwyKgtyzFjIMpWZyqNaAMUQNbkFQ2UV4ROfvGtcbNCqnHGWxBHXstdXCgRwF0zum7GTl5RaFPV8Hm1PY_2Z4MvRqOTjntyC8XPJT0D3B1dJn_XSTzXrMQw&c=75535e14&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Cache-Control
no-cache
X-TraceId
9c5164efbf6471108540ed3298c280cf
Content-Length
53
Content-Type
image/gif;
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFFYRGQQOE5WVSWJVXRHXX3XB2NR42RAO26ZXYVUHABG4... Frame 8670 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFFYRGQQOE5WVSWJVXRHXX3XB2NR42RAO26ZXYVUHABG4BG6HI6DB3J6XFWPHDEN2F77GFLTXWLVNB3HYBDRLMZSV62E6XQ7EZZ5OQVKQSRNINGOU6ADLDTNQY4OBQOOKOOERBWU47MOG2LJFNOGRUEWRDRBT6S76JKNPGXSP3WGVBCCDVYRLDLWT7TJQTWQQWMFVSDACD43UB3TOZNLUW2RA3VOFQTCDT4PVQQ2HCMCNJ6MKRMKVDAIUE5YANSSH2Q/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-c213a69eef6e/0.012471/FWO5V4GGCD4QJEH733MOOPD3ZGOC5BZ3SO35B4NOUQQD7XMJTNIVP3EYPUIQBIC4FNF5IA7IUSXXG6OTXJNJWHSXDYCLKB5GNLTAHY6E236... Frame 209F 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-c213a69eef6e/0.012471/FWO5V4GGCD4QJEH733MOOPD3ZGOC5BZ3SO35B4NOUQQD7XMJTNIVP3EYPUIQBIC4FNF5IA7IUSXXG6OTXJNJWHSXDYCLKB5GNLTAHY6E236JXIPVZDZ3VULVEUQ375HEOCGHFCYPQ3KB2U242YX2TTNJKPGEKLWIWMIHMJ6ZUHIXNACSFED5Q66FNDKHEPAULLPKQK7UGVCSQXG5JYCMC7BUCWGMXZWQGIQ7D5EBXTLFDTKXFOSFTOP6GP25NDN7ETQCQF4Z6YXWERBB5IAX53NBCL5A6PFQEISBRMCRBCFOYR4LQBBXCEZLVS6YL3OAKCRXTODSQSRTJ3OUOTEW36LIFR3YH36DQES5MD2LKTMRDHL4D36IA27HCPBNPIU2F472Y74IXSP6HFJEMF5L3SYRZ4NXPPJBYA7RZR4YHF3JNU6TSRRJCUB442DSAHPLEMPNDINOBWEYASM2IT57DOTFHVASPZOTCWGT5SZGHNL5ON4Y4ZHTNHWRLBLTFGWSTMPNCWY23IDLCVZE5X4SXFUX6G2YUKHKFZP73WPTQAT2UN2HRLGOTN7DG7P6NTHQ/?wpos=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFF646ZQENLUCUF6UR5CTD6ZNRQR42RAO26ZXYVUHABG4... Frame 0052 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFF646ZQENLUCUF6UR5CTD6ZNRQR42RAO26ZXYVUHABG4BG6HI6DB3LOYOVC6VGI2KZZOSB2LKHGMSJYRQFLTV6QDMYC3VIYNBGIM3BKJDCIN73KOY6JOXJGXOB6JTDSAXDLY2D2SJ7FZM5WWTBZMGPW5GY2SIVLKIE6LBTSRV4MG3OS77U2NUUH6Q3RG2DFVWAUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTMWIPPEXRVANBTQ2XVGLFJDUNH2Q/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:23 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame 9BAF 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uE2tR4K4lijU3jOjVh79fUks1j5LZgr5cI62Ym4rqlDgqwmSiuM_tK3D8TqbYwHUiRjwblxhPf5m2JfsHHcrpeO61cqqJcHesFS3cdMZeZiYwXUYoWLu-d02xxyV3zQYvS2fLr6JN7LMFkqyZ9ZtkeFAmdoVCnmqd9UlaeRUPW970zq3_5sRSNkg9xCr1rL8SICbeYhTqUdqQnl0GqWhtB9QLc6L_J8OBPNgca1ERT0SRx3VB4TUMqO_tEF5c8h6_wV8cJLYzvNtfQ9GNGYbheZqwDzCMapl-c3Z57F1OYsEjApxT2_blxizDGdFx4a1vyu9MpEP80OKtX-jxuQ0FDoeWkTiHTVux_OMo9wl6LSvHChvC0UYp9H0ZnQ9q8R0j-CCeD-xd6NEi34zgLub7jBYKPVAw4mXRBaQP4Rb6Tyuh5zW8PXD3kmb6cPUQaiTbqQXWqsxGO347-fg7Jf0GfULhV5AHuiidWVJSGbkXTqg2U8diRyKit9nG_v2LgKeZsloz1AhZuXRdxfqvAq8R7XMck1_I2S1NLCaPnuRA4hDEg_j5TAR_0mBKX7P3lvpxuvwlDdfryqz0gr5iqleSZyBLVKYTCP4PNsInZG0pCTRh-KXaGvIYIp5kNIOF6RhMWa65oFH2SnDqOBYnCxZ6A1nlPmBZ5g_jI9rihluRkgv55jOnrV6dMJJLpjTqWeLAIAod2eyWymu-mFE8vdt5xrZBkWZ6kVCxt4a6fDnZN_QX7pVJrHShkKaVj-InRUX-O5R1QUl0CNq0E3ONbRoqcv2uQDTfxZvUMxfIiE5Pqq4o-pktZB0ZHR7JujaJogwkDU5Mdcqg-op5p7suJ5Wz4dRWsiYFgtxKUaeef5fJnc1nD4zu63pm7Ww2Gu1WBvb9cXGhp7TAu4TsUpj9AvKy54FqMqrZzMNZtehJgfdSb5DOzDQPdg4jJsZ0u0S9S0kp9p4bih7kAX7e5eGaeYz5QdwG49_CejvL9d4kpHBg2Kc3WiSnIWcCdnOTKPE-ufe-D__SE9YuJ5NOlniAlK86RC_2-o5oyG_kYiOdUyw-riAii_coAcdecfQ3eS4gxFqUU2g6j5HQ8tJb5LnvRe2rOqOL0pruSmr5CCK32R3wp80wX_J6OiHXXTGcIIP5VumtGXIpRLY0iiU8VP_TWH_hYGp5TPYL-zV0qI3ob1I1JY3kuW4NzcYXitb2R696alGlXoxGVJhmeaFPo1Lpam4U5PLvM1vbUtbpMjIlxmYmPTqTWu6X-h6yf6wabeCyFonRjwT-x0BzAk1dfqGAeq3unwTBJfnjqblTd3Tev5gMeMsui9Flb1rahaJ040WV-IJA4BoIX61PcXgx3WiuhJFYi9op_snNaZ_p5LgWgM1eroC1NqgR7Drrw-qb3JDMtZdVQ&c=2d41f3af&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Cache-Control
no-cache
X-TraceId
b308e1b572602199daaf8d343c522565
Content-Length
53
Content-Type
image/gif;
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-2f23ebec3b6e/0.010907/X3SQD7BK2RHR3P2I5YMSEULXF6OC5BZ3SO35B4NOUQQD7XMJTNI7GP7BIA5A2DM5NYCMP53ZA7UCFA4SLU6DNJT4PXTKUN7BDJDQC2NZPQA... Frame 7CDF 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-2f23ebec3b6e/0.010907/X3SQD7BK2RHR3P2I5YMSEULXF6OC5BZ3SO35B4NOUQQD7XMJTNI7GP7BIA5A2DM5NYCMP53ZA7UCFA4SLU6DNJT4PXTKUN7BDJDQC2NZPQAZRP6HU5JRDFUYM3RWFLB5UUW2MB5632F3Q32XK6BPAJNACWMT3V5I47O6DNC7CYWEQMBN4BWSHFICZO5RYD4LHCNQRCPKA5TMEHZKZTD3SCRJXE7C4UYPHHLD2EX5C3I5LQP3CX7NF6KHFHRQKJ5P6WNHKTOVCM4WNSOCRTKEPTL2IOQTAQVCU3SRHL7M3HHKAH4BBCAFASM2TSSVTQ7LSSF7GPMOMYX4VO76JZOE766HMQ73NSQCPEVXXFFFS3JNHLJAAHH7C6SM5IUMD3VHBTH227UYBUUN7J43IWFMZFQFZE6EARBKVSH2ENWCJUU34NOMVOPWREGCGHI4BDCGRGXITFFIXGCGM7T2W5IL67HZNJ47MTF6V2DSZUMEVEDREX7QDIVZ4J2FH3IFJIKR77VUPH4DBK4ZSD43SA2FKN6UDPYYO2BZHQMAH3DNGAJ633FGMVAKBFYQVIHWHQRHIPVAZSZHV3MAI/?wpos=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Content-Length
26
Content-Type
image/gif
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFN6SEOUZ2SFSPX7H3STTZCBHVI342RAO26ZXYVUHABG4... Frame 8476 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFN6SEOUZ2SFSPX7H3STTZCBHVI342RAO26ZXYVUHABG4BG6HI6DB7IBS6GFCNYGNX75RXCEAKOP3UVOEUF3WOAXZNYNWFYIEJZYIRGUCWDGB6EWPRA7DQNITG7OSOJNTN6ERBWU47MOG2LJFNOGRUEWRDRBT6S76JKNPGXSP3WGVBCCDVYRLAB247L44KRNXHAUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTMWIPPEXRVANBTQ2XVGLFJDUNH2Q/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Content-Length
26
Content-Type
image/gif
/
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-dabebdfc186e/0.010819/FWO5V4GGCD4QID5I5Y726KR52WOC5BZ3SO35B4NOUQQD7XMJTNI64XETPPOJ34KPLKVA5NA6MWXX2OYLYV5NTHMS27MHP3TUMAAVDLJBWXU... Frame 45A1 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/4e1f33e0-f5f7-11ed-b685-dabebdfc186e/0.010819/FWO5V4GGCD4QID5I5Y726KR52WOC5BZ3SO35B4NOUQQD7XMJTNI64XETPPOJ34KPLKVA5NA6MWXX2OYLYV5NTHMS27MHP3TUMAAVDLJBWXUAB2IUTQ7AM4PSAERQZZ2Z26CKGKRGT4XKWU242YX2TTNJKPGEKLWIWMIHMJ6ZUHIXNACSFED5Q66FNDKHEPAULLPKQK7UGVCSQXG5JYCMC7BUCWGMXZWQGIQ7D5EBXTLFDTKXFOSFTOP6GP25NDN7ETQCQF4Z6YXWERBB5IAX53NBCL5A6PFQEISBRMCRBCFOYR4LQBBXCEZLVS6YL3OAKCRXTODSQSRTILWGMOXI25EUOV3YH36DQES5MD2LKTMRDHL4D36IA27HCPBNPIU2F472Y74IXSP6HFJEMF5L3SYRZ4NXPPJBYA7RZR7HTMVBE5V3U2B5GGU5HOYAEC2H2LY4RWUZQXINCI6TYXHCJK7SXU2BZF2H5E5DDAHQVNOHUW24LMUMAGEAFETT5ZFI6FQH7DWSSXT6O6CQOSMGVVYEJFNIPXHCPCE7BIZDYXLB23YCL7QUCPTIED6QTWDB/?wpos=4
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Content-Length
26
Content-Type
image/gif
pixel
amplify-imp.outbrain.com/ Frame 2BE7 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uMTBMEx-eauC8cC0ymEwLs5_MuDlhM4wVyFsxFj1RJjHGbgdu4zRZkuWCI5xIPdJMNhyn4Cv5ftVHaIQ15XukVLX1hnesS5PgXEdAX3En2ZMm4Va2008BF7IyJKUDz_szLU0txVyWLnKLvCOx_TCAmVPiznSC1nyUdE57Hc79YybRix9V1VnsVyPFy2k6GY4VCAQNQh4A1lPnV2q5RNWv6fHPbYR1Yl5Vu7EP-k7TgdiEINk0-Zq_tYJVpEVzdKUMUpuzMFRZIE-MHvgXlqFJIsDoo-6Z_6EARUVMnuHvhViR5FKgh9_GFyW5KsX_QOWXId902yrnhVZ0f7YGnu3gswJ_20emq8oBYEXlxhseNEMs3f84MR7YorvPooalyt_1T7oP2KLrkTpArqdKQR7dCO4nPH8YArmk8tnu4zTDJsvFCz5uq7e_hSnE4E6uR-uF9Nv28U1ogF6o0DAEH7IsQerK8kZ7fZGTbN8PbYj_0uHaRbK_-Y8w-aeeLPOSGVXfRumw4mhTYbzTN9sEJFIITZ7sJvsHU9P4K89AY5YQWR4fJMTGIkvuQ-UzAwRcz1b6f9n26qdxdsNx0IqOKXkFo7bNR6v9CCM_asjgBAdK8W65e0F_dI-YdyTPgUfd6Q2sXhPjzzCWg7KW8DqeVrL3vw9Lf-Z4WOaGXd1MZrCmFuDMcCvfB7q_VE61cWN1v5iuywAnoibbnIejM005kFXmnQR8cSPpwg_nAmVFZonrHJooZvyCTnEVHtjjMS5kFNuNvTSS37cg7Vwu2oltaVQ-NSF2l0DyMxOcYLXdAmJqCv1LorE91ch9CFwUaIGhlSZ1g_quIs7M_kb4F5WTQeriYKfoJv3WqRA6tl_IwcW4UX-vpvXz1T0rSEqCSYgC94zW2VLNVJW65AZnjiUD76hjx5C0kn_bK_O8Ts3CYM2cWGyJl20R4XGOAa0jk3CjmrPe7e5UCe1KQQc6LyYEGjHqtyJdfVOAOx-ssRRvsq26sgG584wyYzjnATXiSvwbEnrymkNfttumPlsNguHxd8J6Ai80PHNxmuAVk-b3_Oyn9Hv878rTP1TYSrK-2MiUuWvRmBPHd6emU5D_htcrcvjXWRzmJOKaDdL7ikG1qI4bhdiQwrNRKL7sskVpkXekTZ_vj49U213wHPoahi1gWD7s8tnTUGHJ37OeQJOfjzPhJxG1_0rG-niH2oKg8SiVpWOUmPG99SFL0faO62GBhAk-JCfTvrjAc6T6mnbK6UZmkdhr_tZ55l-C31RWnlPTNE9_yqbqYaj2fVel2LBrBaO-65jQMn0iYwrkHuZplDCViR2-h3OZKRzGjFTa8XVKMx_qxU-91E-HzBo1esJQV53yEFPJXbhEia3I8aDQkz0zo683vxqmgZgC-5Wlkh1qmVNqQ&c=f6ba01&v=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Cache-Control
no-cache
X-TraceId
716ab4771beda0861f1f048ecea20098
Content-Length
53
Content-Type
image/gif;
/
b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFFJBPC3YWY3NMPWG4S6JW23EVVX42RAO26ZXYVUHABG4... Frame 493D 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/64PEZUDC7YRNV546Z6O4G7COCFP7HBI2IJCBU5D2NTEY4PIIKB75M6XSKEGM4LH2PS7RVSQLR52PTIJARIEXO2IPCCDZBGZE2Y2ZZBNKFBFOMEPTKYFFJBPC3YWY3NMPWG4S6JW23EVVX42RAO26ZXYVUHABG4BG6HI6DB7GQN6IZHM5TMRTJ4OJDRQ67REXFDOMZHCXGN4IHHLOMQKO2LHYTASRNINGOU6ADLEY6OEFOYAHLDG6ERBWU47MOG2LJFNOGRUEWRDRBT6S76JKNPGXSP3WGVBCCDVYRLDMDLWRQI3HYLG4FVSDACD43UB3TOZNLUW2RA3VOFQTCDT4PVQQ2HCMCNJ6MKRMKVDAIUE5YANSSH2Q/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Content-Length
26
Content-Type
image/gif
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 7D9A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPbg84S7sBfcD9DNJKjTwS9CCBQAL_j0ZiLbSP0J5Z4Pp2frgtfYh7p9fAoebifuef_Vkrao_HuzgqWwt_vEkd6c7xrZurf6sIpePVoqUnBETpboH8lKWw-eaTz2J_zu5lp9YrTRJhD8yHKiCzx1r-biBD8Z99whOe3Jm3vZPtamvcS320EjhLRQWtxXPwFAcrzjh6V6jb_-F_LkSh00RXytfOzJb9zmHq3CmzB5qTf-Q_HwYfi0YJ3sC2rjJUkzph8nO_PS9yjHg6pf0XceN6pLIJEKwO7vdWEA3wCnJMSSH8foIuyYeB6Zt1agSVAlfxvRHAlyvhZLzVqemGhERJbomx_wLiYLz213_C7ehLoiwEjkZMkfm5CQY16MEvTCNWcMyN8TIv47twRVzrQpz1IKI4tq9uZV_Kj82tYh5QGnVtxR-ENUq7vfW_-A8JbVJM4oeglSr_Dtw1RHqnttcek-4tR8k3UNgtRaZU2FXZQWrBD4Aucb6WJTFNggHhtViY9lEVT3BQ6-3Yj0stPHTojtJLC6WFdvKe3qe5PGg1dorJiRdI7zJfGnWW9YbbDNB1wuenlVmTYeazLJLIjp_dRp7efmyCT8igOl9SeE0VtUvAnZSxkCU19x7-bVDJZRe_OLVs-n9soX4BEgH4flkAx2gs4sitSwKqZMLy3aXv66yqPB9fi7expbjY7eVqoXs-RnRCU4sL7pP1n-pHi4pqYznMdyZSL5PdNLbgPSLjuO1UX6hWp_OlOUfTdIoPj3LlgiTSgIy3As-amTKCyb1Ug7ewC5nbaPzDSoCpgmiuOIk3zVico4K1A5Pn0PQsz3rf1ajulsEgEJ_5SR_q6MPsXCxSLe8akKrXkjZvejOHSovtvypwiVEq91euvFXqKburTyDE6xQc1ECxzEtrGyH3iRnX6wWTZMa8QNBKJro-44Fd3r3o4zTq5LWgKM4khGBXDNmd9bWJmkk1IE-D9NQY9OCWDjaN_JFaJmCpkhKhiEYndJtujU6AAyEdUdfJ0_KD7m4W3eDpj5vq_TEo18_meAITzUgtWqFVq-kuxzNJVX3D-D-HCtSPfotkHQGQUzW_CWgjGrp-k41fzWlbJEANYEBgTOWhaKoATluTE9lcBtdBTirPx5HwT1HL9dR_LQjM4rB_ZwZ-c1CQnMY0sUWPXUznZjXKwptZqs9-rHt_Y2Sy_ajKRbqKVBsEHmjzjMfzhF_TVTzGvqWoz8oYt8OU9TaFgSAXZ39wpU6bBfOij4LF_rULgRmdKEJOrnHLnhCepCZ5V5fhlzIVS3MfM22hn1MIrrkTv5MHKw8yHT1y30xprPkWV-YI4E9-XifiCrf7FxDyUtophqN_gDvI7A9qjliCeLk7Mkn_kU1nLepyG1RBv7MsMrYedh2EHgP0ETUC0OMDdJdDTKkmeNLtxnHNXQ%26c%3D8a82fe97%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 8E2E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPbg84S7sBfcD9DNJKjTwS9AtyClyFM0HZAMjCkZCd_vrjDuEFPSVPBqc7R0WuKTlfXiBjO6MUretnyd1vFfqjT4FBz3Mz3oKBGTnG2rBnCrP7XZwaZHNSK_xWNKDRzLCZummnRBOIfi6uqUTvNrvhKy_lom80DvjJC_EIPYl1IT5yB30fZppF4mI4YEivASWTFSncNd3-JGkkQz9jeO5s_5909mRu0sI7eeTedD_TXyYLRRAM-cRsh7dPnHoCkYfhrr6ga8jM5_aQuCeavVMm3pSHxe72y95NOKsN2a3e9CYVFwG0kiXG-PThmZmGU-qwxF2_l72cV_hMutnEGkLXOtSCwwcs4ynIe4MV0FKvQyQXO0DwoZPYTus7YfQW_b2omF4LnD6qhHty9_-KXKS_XDpljLeP_z63uifQLOU_Cvvh5wv4kTBNwGIWDmVnTgH6Fxe0Q8wmdCxEy84eEQWn4mdsvpTxHVm57AcuzJYsZyheFL62djqZ7oGoi2TQXrGFv4pEAjYkFuWrgNjCj9hkMPukhk0iE48U6E47PElLHYB-tCPvgGXPmJjqHDVq4kksGiEiB2rm1625gmuNGiZvg_sHwhzQwrGCUQGHBzjff3geB9UsN45GfnsiHJDvxVSi3kte8oeQE3thaE34lnoCHTazhnEuQ9zpLordLbAsu3MXWVJWWPc6MX9t2bobuaR-lKcibzAkopTnO6VtTQ3MxTZGuaNuOMJv2SuyWCyy6Or9xGSHaqrBS0GlJbOjwtvPN2XM1ezaIpDNp9vmDXkMW1R0PhRcGLY0W5PzvGG0VrZTbbemIVFNc21SUAAUylyzPMS_uT7X51XZ4IP2pd9-ezhYdISjIbkQiBbyVPE8-j9E624LZNK6ay2aXSUkfPlIVcD4CSmRZ-U1yXbiQmIWcCISL_09Hi9X69RL3XumIpwu_7cpYjI-aU3NrnPcYd8lk1prO-Qas2JUsGtEByMIBqA3WpNXbx6ntgDND7ZSciUc5U9mijVugj_zaoh6jJ0J67kx2TWy3UlNV7Ajv0Mm-eCcNWo0wFGNEtjUasJyI8bUp_AzMua79qx4PTEUsTvroox5j4xL5YC-_ZrQW4zQb2bp7M1NI6YYZ39YWRQWqiLDjcB6LlOwCQ9dlzh_bDNnF6T3PYMBmogA02A5E7Ch1v-ibP65koU4-x7N37cn9_zp6z6jvoF99z6W72MiP16sZ9xT98SwLYytw56qXxIDaQposDNOOrAev4yXszCH7q9yQwGj4txk25yaAof8Sk47A0_KmACd1QiCUOyAeJIYU45kurw7ECkdXRhlzjMleuQbLqN-wap1af6Hetamzc2c0Lwytqw6WfA_G1HFETV0Er-9hUcoI6GRBsnDTFuWW0u6PeYRvg-9FYMt3K6njH5yqwAaRxQpN4PrK-HmT7a1Lw%26c%3De5cd7fe9%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame FAF6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXT_b-O6shlaqjuW9cXqzQ-KN_sNTlpF19bun59OGuR4GRPS_UPhrOusLjyyKxE9r-S2hshbIPbthTk50BSxOtI4UKZ59xY17mLI3PgTFCei9DtWr149B1M14osKKsoEdoPmHmjwOUBPmJLOEbT9H9WJhk0wnQuvuv-gQLc06TybSR_OLpjCGVWcjBt4ZjA-JoB5jXOOPEBd4N8vPL2SaGUsvBSCeLYgvrGiK1XkCGvcATn8CpptZrRWArsED5cTPIVe5YlSFW5p88z2pGaIYXW6ic9FgDiYU1PHIT4OPM1dJu7Eh9oUn1Ny4Sgj46k6jwTXbJB9uyw0u3nxJAIeoVkMziG6ySlumPv9nyPZF4z79gL-9dE9skYaLlTVDXXgWLlgYz1EjR5CgcRvdkbGLsBb_OL9JJ5DicPVTV2nE3z0mo1vmZ9zDVKaIH8PEyA7engs3qWPLKLiKm-aib12OfEolZ0ceYdwSu9cJFae1v13Um2nNpvI0yb0nxy0sHPUsv2OOcF_0ooRexq0TT_zx9F7ayGeOmHNiu0wrXH-EF3-NwlPOuPsztUeMi81AWwOGsId02ghY2xoF6wFOcmvZ1sjG1uOb0IR7S7h1Vr4Jmd2saxZmT8q4nbNM9cE_RmKJ_ITteuQsHyTTSrSuEBCVRx6W_SkM0HxuJ2s5YGNank-RMdmGmxOsk4mRw2CmjaNqK-_lCQmxVAlvjODL6D81GGwQrNlsanAflSyawz6dgdgPswPwMYSGEGQsKrmrxEqmCQKX8moLn8IaycSfF1aK0YDyG4hlH-3rkSae1zdF2BDKxHnx6lUip72n27N0uFMWOQWWHPVDvKgqBxFdNDoZnhA5c7Pwuj7eIoghI2WaiFyguFcH5G_tgbF7z_M-9ReMC_Mzp05fJymCB7ap7kwOcaX-YGgokKLW0iPMTm2Wmrg0g8ZQHin82OjfdN4_lS6XOHpe721o9_6EQxmULF9MBmjBgNdSgfNCgeaMQ8G6xZPGC4rmqZ0mNf0FrDqzLfFtxGPzRpeWHHVHRl9W7yRFjKAWBN7xSFMokssY4jvRcroMulGgb128uUVpIsTVvTN3qMIKGNlSOijRMTUFVyGVI25MpY-jUm9NFm2sM3ZVLmbaYRIHBJN512nX_cnFT0UwoRB0YeB2UzIGivQ2kQY8RnA6Ch9PXxMhGncOGRVn0zHHLa_p20H9jJ9CI_qd_Tjx3chH-JTiJK3XtVcdTb8Ao7mdJEsqQMh_YnlxpwyxHjogZJI9ryBKmHxxnSuwDMtSH8XVTyNnkCqBpKg9scZCnLOlfYoZ4Lbr7J--NVmvVE0XxogeGn2nxktAV4vQ0OCZcKkk_WWv-kc2mwognUqWKl1r2pgRDlWnDIIg7TTcNQtTcIj3UGODtzFFnOBh8gGM34lvJjrKt1DAwiRFc53xOLa076sW2XwJyW_AltVlLHbAWb4ZH9N9pD_6pHljax_KyLs3V72IuKMTM1OQV9UJxufDk1pc7hSV1_TU2pw3ygWohGfLiXMyeg-AJkW8xZwn00ZzQGUqlu8OQsynDrSiyvLHaaLnLnRavqv8gY_LweHi5je3QC4_R2Qc81NajRLR6lUC_nPKhk3wDx1bF95czT72tMJu7eQ583pL_1viWtthc%26c%3D2a6b154a%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:23 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:23 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 6CC9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIKmt_i6WIz32h833JdMWqispUzXX-wObvG0T1adf1vHOYNlt40-UPLq-l-4EMTCxyfC7ekJbWyx4T5JkbQwtzY5fVSHLjFUNzcCTP3MOyUsktg6cbwPKj7sdu5cgl7TUOiL9UsytJEfzlif0eTIXzIuTeyoZJ42gAZq5KczKCP0ez_wNUmeje6G6aVa4_G9ZIjUcFFcNj6Kbh08Vt-u10zwm7ped8pZxvUDZAwubnPUAtJx6F_up2zfnJbULnVrpViVaJZvIPdGYeNP-XyvOw-Xidkw2tRnZjlZr2volqR46e4AMS3yqwA8AZlOxaKcY7kCOkCyIkv3yLxtBPBmsCvRdpzfo6f5Sg9-pcZtt3UP_gltbpfWR5qWh7-qgAtJh58PZQXhP8T1q7GVwOrDd-ee3o03Kk1qWNJYcTRVcT27FX3doV9RwKnF46O1oIvQ6CBqnXUuUF2prdIIx7c6-DT0kUNZA7ym76vaQubiwZjsUBT1ZpAGnH4RBPD8PgH4jOz52VhuJlrYmWw9e6pHn3wQsFwLgpaItAWO0TObhL-RfwU7eNgeZyAjVVD0Rq3FQsbUCUKDhrneaVrmgJh0n_sRiAot-gF72ipaGr35o-SeGVYz2lmB5efKv1hFnGQuWrmx7JGNyWlB9_FUnsTQdYAqOPQZl4LEZKVIcDG3SDF-95xaPPHISgMG_NOjjlApWCFRkqtTeZPMhb_vWLmAEz2sZW-P6zdIei85Fq_LJnyPFt84A6KhlK1QRdooWc5-HzJaWCwDs82fqducopOeehu7ZKFraoHljo3AEVh3yfOulOAU6xhLgAypFCsm2KdP3C853tu8kyWSfmO22CXqzaPnzB_tvmZtc29Ccgya5n68rkmde_z9YAsZ77RpwxJSQOMKxNmOdfv8qAlQeo6l1AvTe2ZZUwXiivnNRHfC5EHtyJJK5m_hQpfurM2I1aXxwHvmxE7j0ZdQ00OK-poaMlRgN7OeOL48CN8uqDW7T_dNfEitELyaZ_p6bM96uNYxgSjuzBDEuFZDJLi46c8JUu7PrEvpXptV5wH8hv_j7AEa3Hy6vtwUHHZLmoxGFDrdRLPu7lYyVUoN9oUXitSzq3TeBJQM5WCbcCL1NNlA7JVBFNuE3Afo525CLkZrT710FiduMHboqIt22olQUOXS9oagM3uLLuGOMOdw1zYer5SkRitdNUkl2tKsFXwHIqiyZOx0qqjgO4PvUJIsurDskAucEK4N66isn5V9K6rvoSqAkTBjhzAu10oTHJIU7OD7c_jlE8XUfkV37c2mQRbM4b5-gdZmxzw3h08HPldQwlzp_2NNE1sOMmH0ZXzRw5I49wwRx91EU1KPdbC76i3nll4N7OKgBIXG4T9vtKRLVmeDuArYRnc4zN8nh6B8p8JO4wYTSTzNX0szPm1y1q273D_A%26c%3D29f925bb%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:24 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:24 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 256D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uL3JUzvU2mECQlt1l_563ZLBZCC6Kq5EhGle2I7frcmIBtMioTDUwi55BbpSfxWSLI0yzLmuPlNQOUPtYxDDRI3Qm8fJyFEUa_0Zaz9-wUzq-WVfcRhMgS9AXck00pzhRWv_pMr13WFOisWcaE2ooCCSNkVfnFRVyfYzAchtYhpj0PbgbyCe7wNKY-Ow92V4FKxkA12RriYQBp78ux0qDlJ8kUlK5GDSNJZzfOuPDHOZl0juFNXUjc5ahaT0mOkMdvs8PWtvdkr0U7utbWhZUFc-ZPQZjF7isBhy_4tZ6wy-AhwAR3joK-Wtu7yqn2R8Kv2FD8kLcuvXEiucNHXBCNCZD4nUcqTD6Gy70IoVb6Y5Cifp2pKvicGLV80u1h2-m4C6zALlgt7H5SnKx4y4YMi_BoO7f_z_h_gYzDbsfvdP5l5V3_QMdT5xif_bbhoyxfRcLB74fgh5xFxRAEPadVWmgK3RwBMRZY2alWZd8pobYV-z6UajcuKP3Ae-D2_O157s7UVmOJZQ0krNNpY8zYMk5TPir7g42ykKDsx1Hd2_hj4I6f1DumOKR4md7gC6aX4FZIY16y0FPMfbuEj_Dozeks-g8zhstBafyHw-R6AMJKap09II_an5z7ZYyvyNsK9rY6nEpWJz-D7Uy9vN9ABFWHRdhwI7b4YPRw22MvCkW585HX9OihxehiLAcGA0Jh4AP1clJa1_i9WUuoDOd6QG-TiArE4wiDXJT1lh7DN6VZc3xVrW5PGrPLSzrEbHQn7_7u2XlV1x2CeIwTUtyvKyY416SXQMVxVZBk7IZK9eTudIgnbwfPpWmwpxdGFC9kLHNpIo3Y6tg_bxIuST_O3-XYe_CgmeHQuK-VDhWshBYXwtmaIssShUgRjKCMnwEMkKHkovNtJuGuAnyzKYb8DvJwElt54qz_29ivcK1RmnSUHv0OKoNHp9ALDpoFIrPbd71O9jH2n4F74WsoGQT_UzxHlPF3kWrAzT_DmU3uT_bbXDvHFgkZs_Oh4klFJ9AsLuGIyVixhC3ckupSGhwz0FqIHPpwr6M_pyQLdC49CESeG6zkAeFNa5865yOq3nQTc72zBMNASZcLZHNQaQeKT22AQYotav4_krSShe7mU8o90Zb0X7WWtSp3hcAfUveu8YU7qCigXTHDJQtY3wnI9cpXPJC5GXj0C-QZQm_NnryX7OHkKcw-WhA4fQxc9QZybAlkQFEek0ZAvuWWbh8vm0uWRlkkcpGTJP3kab98HR6oab_UOSGF0tBB36GLAECcrQV_OA8P2PIwyKgtyzFjIMpWZyqNaAMUQNbkFQ2UV4ROfvGtcbNCqnHGWxBHXstdXCgRwF0zum7GTl5RaFPV8Hm1PY_2Z4MvRqOTjntyC8XPJT0D3B1dJn_XSTzXrMQw%26c%3D75535e14%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:24 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:24 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame EA41 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uDjf0pIdj9Dd0qsls9UnlOiEIaiMYoS-BVWWm8opLIjV6GhAdxdZ0Q46Ew49diNjQImIHeOVMex5myaxdmJa19UqfczdUNOIHsclYSG9WNIYOq1QWrt0kV-T_iHfBCT-Y7rIpYog5UX1AyrM9QFCTVC7XspxUc69k21BggkZknQ3GOMB6Mk5M3Md__RtTgnc2HAB36jmfVMU0Z63ZCDLhNAU-bXcEECNG_SyP6vDf0D61hsIhcf_iotSxq2jFzBto5D0PYobldOX8hu6ylQh8CKDIoJCMWLdYC392MNmcT-T4tgHKqegwQG8M69CXAT5uCsuOUChKPkZm52WZnebFae4fK0Y8JXUmOhf1q5STDpE6XeZMTEq2au-WkfMsi74f5mOLAQhnn0LJzZq7cakJiPMbfwi6_MnmSlg-hEQUAYIiaz73BLvMeZVVnr1OX8RUWOsFSgUAArPGnu1ZKd2QdekkJZQYT_6qGhOqproJLx_DkG_DcD4SVFBCPXXrnICPPzAaDIYFltj1ji5s_5-ljSqAC65TmmGXS3kUllj2mYIijJG1klhA_95FMPa5v3q_Wcv1jJdF3AI0LhCe6d1bM11p1eEVIr8jp0IcGcpDmy3qWpT_FikdXfXPI9qNneKglAQx58FvtKt22cY-9a307EGWbTjmCORch_iszm2eqUf-oAwCI4DFXJRqzQ2aj70sfSrPTFOAVmTm3Mx8Lv-A-JWH3NDgeeRExBpV3eZI6KB3brrM_J4ULYgtpw20-BDN5eKESQuWAm_MbCtXPMATKRxPEcraIzB0sT6PNv71uxhRPlglakUY9w2qRFEJ-4LkwRuebRBVz3QVmb2baUuZ_TVDWI4H_G4flZeTYgiDdllnOmI6Du3NVSMmziqF4NYRP8dHNoKorFFQJQsOX8TMVPYAkRwQ7w6eRkW8RNkGTuemWUO623PLWdq8oCP59hSAUTrVqHYg2Vh2rlBecUe7PSeySCn4U81Hu9Xi-Mkkmx-HdIbZ_CgT28oauiz7FaOZZR3LDpK7jnN4UW3h-Ghyod1lln6FOSvUtsLiHDIf91wmILaV8OW18zJkuqrnyw1-u5EVY76dbkQ8rLic-K430XqiKEXRLEs1jjToVwGIzdfTEiD1oYDxO3K8M3vR5konsjoc5egQw_x9087KwLYdOgpMOOJqbdzhpxbt8MXB2ewNObe7ZhkJ6tKE2WO2lRxA46-jUHGFOZYYnt4SabZPxAez_HanJDeAQB-FLCcZG22sReki24iGcBx8WxjB6RFy2uAlCH_zyru7iwvMXhcR5LC3GWezFeXL_JSuetZZjUPbzIoUURg_duRLGMOBVv73rbP7ndZ0HRO1x7z2LyPxdupJeHPLD4TvjCjZPlLfWzoY_5RIn1gC_OJb7E7wTzV_A%26c%3Dfc955886%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:24 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:24 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 951A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uE2tR4K4lijU3jOjVh79fUks1j5LZgr5cI62Ym4rqlDgqwmSiuM_tK3D8TqbYwHUiRjwblxhPf5m2JfsHHcrpeO61cqqJcHesFS3cdMZeZiYwXUYoWLu-d02xxyV3zQYvS2fLr6JN7LMFkqyZ9ZtkeFAmdoVCnmqd9UlaeRUPW970zq3_5sRSNkg9xCr1rL8SICbeYhTqUdqQnl0GqWhtB9QLc6L_J8OBPNgca1ERT0SRx3VB4TUMqO_tEF5c8h6_wV8cJLYzvNtfQ9GNGYbheZqwDzCMapl-c3Z57F1OYsEjApxT2_blxizDGdFx4a1vyu9MpEP80OKtX-jxuQ0FDoeWkTiHTVux_OMo9wl6LSvHChvC0UYp9H0ZnQ9q8R0j-CCeD-xd6NEi34zgLub7jBYKPVAw4mXRBaQP4Rb6Tyuh5zW8PXD3kmb6cPUQaiTbqQXWqsxGO347-fg7Jf0GfULhV5AHuiidWVJSGbkXTqg2U8diRyKit9nG_v2LgKeZsloz1AhZuXRdxfqvAq8R7XMck1_I2S1NLCaPnuRA4hDEg_j5TAR_0mBKX7P3lvpxuvwlDdfryqz0gr5iqleSZyBLVKYTCP4PNsInZG0pCTRh-KXaGvIYIp5kNIOF6RhMWa65oFH2SnDqOBYnCxZ6A1nlPmBZ5g_jI9rihluRkgv55jOnrV6dMJJLpjTqWeLAIAod2eyWymu-mFE8vdt5xrZBkWZ6kVCxt4a6fDnZN_QX7pVJrHShkKaVj-InRUX-O5R1QUl0CNq0E3ONbRoqcv2uQDTfxZvUMxfIiE5Pqq4o-pktZB0ZHR7JujaJogwkDU5Mdcqg-op5p7suJ5Wz4dRWsiYFgtxKUaeef5fJnc1nD4zu63pm7Ww2Gu1WBvb9cXGhp7TAu4TsUpj9AvKy54FqMqrZzMNZtehJgfdSb5DOzDQPdg4jJsZ0u0S9S0kp9p4bih7kAX7e5eGaeYz5QdwG49_CejvL9d4kpHBg2Kc3WiSnIWcCdnOTKPE-ufe-D__SE9YuJ5NOlniAlK86RC_2-o5oyG_kYiOdUyw-riAii_coAcdecfQ3eS4gxFqUU2g6j5HQ8tJb5LnvRe2rOqOL0pruSmr5CCK32R3wp80wX_J6OiHXXTGcIIP5VumtGXIpRLY0iiU8VP_TWH_hYGp5TPYL-zV0qI3ob1I1JY3kuW4NzcYXitb2R696alGlXoxGVJhmeaFPo1Lpam4U5PLvM1vbUtbpMjIlxmYmPTqTWu6X-h6yf6wabeCyFonRjwT-x0BzAk1dfqGAeq3unwTBJfnjqblTd3Tev5gMeMsui9Flb1rahaJ040WV-IJA4BoIX61PcXgx3WiuhJFYi9op_snNaZ_p5LgWgM1eroC1NqgR7Drrw-qb3JDMtZdVQ%26c%3D2d41f3af%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:24 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:24 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 8DCC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-VxT98UhdwURiO0MkbWX-E5AAk8MigzZmoX2P45vd0AXTnRmCGttD5sYBDbJJdNY_b9_mgWzYKdhy2hR15CZboHwxGkcHffvuFz2059BqivIH1SVpcu2SJgeHUxbeARKMtQTnrw8ZXSeHi_hoj0x1VGl2dyh3SnGNtixoads2aHOIB5fzvfvd5da6s8qiPmP1uMTBMEx-eauC8cC0ymEwLs5_MuDlhM4wVyFsxFj1RJjHGbgdu4zRZkuWCI5xIPdJMNhyn4Cv5ftVHaIQ15XukVLX1hnesS5PgXEdAX3En2ZMm4Va2008BF7IyJKUDz_szLU0txVyWLnKLvCOx_TCAmVPiznSC1nyUdE57Hc79YybRix9V1VnsVyPFy2k6GY4VCAQNQh4A1lPnV2q5RNWv6fHPbYR1Yl5Vu7EP-k7TgdiEINk0-Zq_tYJVpEVzdKUMUpuzMFRZIE-MHvgXlqFJIsDoo-6Z_6EARUVMnuHvhViR5FKgh9_GFyW5KsX_QOWXId902yrnhVZ0f7YGnu3gswJ_20emq8oBYEXlxhseNEMs3f84MR7YorvPooalyt_1T7oP2KLrkTpArqdKQR7dCO4nPH8YArmk8tnu4zTDJsvFCz5uq7e_hSnE4E6uR-uF9Nv28U1ogF6o0DAEH7IsQerK8kZ7fZGTbN8PbYj_0uHaRbK_-Y8w-aeeLPOSGVXfRumw4mhTYbzTN9sEJFIITZ7sJvsHU9P4K89AY5YQWR4fJMTGIkvuQ-UzAwRcz1b6f9n26qdxdsNx0IqOKXkFo7bNR6v9CCM_asjgBAdK8W65e0F_dI-YdyTPgUfd6Q2sXhPjzzCWg7KW8DqeVrL3vw9Lf-Z4WOaGXd1MZrCmFuDMcCvfB7q_VE61cWN1v5iuywAnoibbnIejM005kFXmnQR8cSPpwg_nAmVFZonrHJooZvyCTnEVHtjjMS5kFNuNvTSS37cg7Vwu2oltaVQ-NSF2l0DyMxOcYLXdAmJqCv1LorE91ch9CFwUaIGhlSZ1g_quIs7M_kb4F5WTQeriYKfoJv3WqRA6tl_IwcW4UX-vpvXz1T0rSEqCSYgC94zW2VLNVJW65AZnjiUD76hjx5C0kn_bK_O8Ts3CYM2cWGyJl20R4XGOAa0jk3CjmrPe7e5UCe1KQQc6LyYEGjHqtyJdfVOAOx-ssRRvsq26sgG584wyYzjnATXiSvwbEnrymkNfttumPlsNguHxd8J6Ai80PHNxmuAVk-b3_Oyn9Hv878rTP1TYSrK-2MiUuWvRmBPHd6emU5D_htcrcvjXWRzmJOKaDdL7ikG1qI4bhdiQwrNRKL7sskVpkXekTZ_vj49U213wHPoahi1gWD7s8tnTUGHJ37OeQJOfjzPhJxG1_0rG-niH2oKg8SiVpWOUmPG99SFL0faO62GBhAk-JCfTvrjAc6T6mnbK6UZmkdhr_tZ55l-C31RWnlPTNE9_yqbqYaj2fVel2LBrBaO-65jQMn0iYwrkHuZplDCViR2-h3OZKRzGjFTa8XVKMx_qxU-91E-HzBo1esJQV53yEFPJXbhEia3I8aDQkz0zo683vxqmgZgC-5Wlkh1qmVNqQ%26c%3Df6ba01%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 19 May 2023 03:43:24 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 26 May 2023 03:43:24 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
async-api.ad3273bd-1.232.0.min.js
js-agent.newrelic.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
2HV6J6QHFFESHJRR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1353
x-amz-id-2
BXEPYmEflhh8Vht8sn9Q1DUjjjCdyno/0vK0P4vna65JsDaTt7F35BfMmDx7zQLw8OCOg9e2TFA=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.191130,VS0,VE0
etag
"d7011e3a3501d54c9be8929572a18598"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
224
session-manager.2a8d47d1-1.232.0.min.js
js-agent.newrelic.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YC9JCZQM6STQJG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5781
x-amz-id-2
MFfb7MGqGrqmfqqSXBRxyB8p3seuC8FOIGAdlP3GdJhGKDscVqHW57p863nKhRGgnkRzZizmvC4=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.191292,VS0,VE0
etag
"e42e9b9282d7865427c32ad60eea44b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2248
optimus_rules.json
tags.crwdcntrl.net/lt/c/12374/ 		257 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/12374/optimus_rules.json
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddbf719aebcee3cecb379b4e4a7459e38486f19679a2f48f14b8fccef80155e2

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 May 2023 00:47:44 GMT
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
10541
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
257
last-modified
Wed, 26 Apr 2023 23:20:00 GMT
server
AmazonS3
etag
"7effe81f70b49d7613c7544920e14c4e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
RUKRShxxiv1_tVs3OSJXxsdI_Z2j0H_bVGtpB91TtTTS0hU7pUw0IA==
/
graph.facebook.com/ 		235 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?fields=og_object%7Bengagement%7D&id=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&callback=a2a.counters.facebook.cb1
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:10e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f380910bbec59fdcb699957fc30da0f9d2cb0065ee0dbe2648b51b335dd159f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Fri, 19 May 2023 03:43:24 GMT
x-fb-rev
1007524875
alt-svc
h3=":443"; ma=86400
content-length
174
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
2mTQjyL2vj7RMdMEk9p3MgTli0bHn7WdSOH8uGyFJvJjfifBMz/PCzApYN5ar/wdw+LTiv81t2oeLJ282ywitg==
x-fb-trace-id
BrO4P7efbjy
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A3BFRy34imuZlwRoGKNPUHR
cache-control
no-store
facebook-api-version
v10.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfaac31fd3d8d6beeafd331d817a3563ab96e24849e7957af7c366ab079974c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11344
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EE277E41FB864F64A125745FD8C531DD&RedC=c.clarity.ms&MXFR=346E035C9C2A6E8626A2104A982A6052
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE277E41FB864F64A125745FD8C531DD&MUID=1AF02F0E251163E9138A3C18247A620B
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE277E41FB864F64A125745FD8C531DD&MUID=1AF02F0E251163E9138A3C18247A620B
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:23 GMT
last-modified
Thu, 04 May 2023 15:33:28 GMT
server
Microsoft-IIS/10.0
etag
"6de038c69d7ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 90A5DAC748544D0E9812ACAC310A27D9 Ref B: FRAEDGE1421 Ref C: 2023-05-19T03:43:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE277E41FB864F64A125745FD8C531DD&MUID=1AF02F0E251163E9138A3C18247A620B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
tfa.js
cdn.taboola.com/libtrc/unip/1070961/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1070961/tfa.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
685a679e1ff660ec3e109260b30f7271b8c14acf8d41aa6be7bf9926f366234b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
wyDC04QyAp59Dcyj1bXwyzszovqexoa7
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
x-amz-request-id
37PNG0THPTXCYCNS
age
94
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18213
x-amz-id-2
LIhLONxgJd4hFNqtBb66VNTfY4e+Lf/czA2BBa09OBm0Ovx4erK2sn0Rr4pN1HWza9pmxkEFhSA=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Sun, 14 May 2023 11:18:36 GMT
server
AmazonS3
x-timer
S1684467804.200023,VS0,VE1
etag
"93940e5c1674ec91134b0cfa4d312806"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
32
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://tagweb.straitstimes.com/j/collect?v=1&_v=j100&a=1629550037&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-te...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_gid=1705824386.1684467802&gjid=1428734739&_v=j100&z=1648711006
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_v=j100&z=1648711006
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_v=j100&z=1648711006&slf_rd=1&random=826684914
42 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_v=j100&z=1648711006&slf_rd=1&random=826684914
Protocol
H3
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 May 2023 03:43:24 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11908285-1&cid=1849208897.1684467802&jid=544220171&_v=j100&z=1648711006&slf_rd=1&random=826684914
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6288331/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:42:51 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
34
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
KrqhRZwv9gJfe9Oqds40cSLwpA_-tfYJo3grO4ThIpkfKwf6xMuHfw==

Redirect headers

date
Fri, 19 May 2023 03:43:24 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
DdrdjukHQFJfi18YjIaB7N5ojLOj3mx4Yoa3WaoZmTQH64zBRX-_aA==
0
bat.bing.com/action/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97024697&tm=gtm002&Ver=2&mid=393f2285-7b62-4be1-bd1d-26de8869631a&sid=4d936cd0f5f711ed97ae7501f6684a52&vid=4d937700f5f711ed9cad797c700f270a&vids=0&msclkid=N&gtm_tag_source=ua&ec=userEvent&gc=SGD&tpp=1&en=Y&p=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&sw=1600&sh=1200&sc=24&evt=custom&rn=283421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 03:43:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1EF06CA88ADB46A7AB3C4A52464CD92A Ref B: FRAEDGE1421 Ref C: 2023-05-19T03:43:24Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
highway.cablecar.sph.com.sg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://highway.cablecar.sph.com.sg/?api-key=xAKXBzNmErQO6OVuChS4K2CHT2ppmyL0u6ugVI3Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.136.47 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-136-47.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.straitstimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
FJp-eiEuyQ0EPfQ=
date
Fri, 19 May 2023 03:43:24 GMT
/
highway.cablecar.sph.com.sg/ 		345 B
465 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://highway.cablecar.sph.com.sg/?api-key=xAKXBzNmErQO6OVuChS4K2CHT2ppmyL0u6ugVI3Q
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.136.47 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-136-47.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
f706375a2bdae5df357ee5d08be926e742974559ced5574552c44b4465547a60

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:24 GMT
content-length
345
apigw-requestid
FJp-ggVgyQ0EP1w=
content-type
application/json
data
bcp.crwdcntrl.net/6/ 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.210.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-210-150.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
db08f99821e82d1c9c20f2a70b1a2707cb3bd9967fcf503da29295d99d132833

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache
x-server
10.45.19.181
access-control-allow-credentials
true
content-length
60
expires
0
lazy-loader.c8cd494b-1.232.0.min.js
js-agent.newrelic.com/ 		921 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
HFKEC7V8RSG7GQ3Z
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
410
x-amz-id-2
sMPeOof8K4e91kQ20uXJDDwefRnsVFND0s9EnxyiOeAw9CM1xr2qBuk5sozOrYVezXVrvqQ6llg=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.209678,VS0,VE0
etag
"43b458adcc5ab7566291590de5438262"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2255
json
trc.taboola.com/1070961/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1070961/trc/3/json?tim=1684467804223&data=%7B%22id%22%3A340%2C%22ii%22%3A%22%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1684467804211%2C%22cv%22%3A%2220230511-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsph-straitstimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1684467804222%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
37f82a178010cb9331e2c439ef565813de88acb2720976d527feb1736491fe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Fri, 19 May 2023 03:43:24 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230023-FRA
server
nginx
x-timer
S1684467804.245644,VS0,VE19
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
875.2c240adb-1.232.0.min.js
js-agent.newrelic.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y6DMYX2M755T46
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3692
x-amz-id-2
12ESXK8BgHWgzbN3nQPaydy+L59jXSGMNsIQOuRJSUSgpXbpopBHG7CYiWTsgYBLZaJ3F98QqLg=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.232679,VS0,VE0
etag
"12b760183a18786621f95a5599ea91d1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2207
page_view_event-aggregate.5a238c1f-1.232.0.min.js
js-agent.newrelic.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y1F68V5R4G1R1S
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4123
x-amz-id-2
LE8Mmxf56EgzLRhRoenpxF0OXZIwo/pswFnDB4N8n+EeKaME6HXt1Xk7L6rvqhOxcNjSk/xOwSY=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.232852,VS0,VE0
etag
"397497131773c37606e11fcb4222917f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2201
page_view_timing-aggregate.ddd91465-1.232.0.min.js
js-agent.newrelic.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y867HS6MYT7985
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4571
x-amz-id-2
CILtP2UgtVGD48J+UTjWq+irCqTwzRZs1VccfZLy4xzSBKIMwL+jwnc8ZZpkzmwxwhHr4pdQKRs=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.233172,VS0,VE0
etag
"38f4d68378bfe3989db669dc9385b7c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2201
metrics-aggregate.c2ad263a-1.232.0.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YF3D3MNZZ7XXTH
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1663
x-amz-id-2
0t28v8WC4ksNHlPsbHnq2BFvbag9JdhBEGj1l2cZmwZMryjnQUGTG7J4qr+P0dP0z2Q8RhqNGa0=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.233641,VS0,VE0
etag
"581d99ebc34c05e0a160a0c4a848cae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2226
jserrors-aggregate.017d6ea4-1.232.0.min.js
js-agent.newrelic.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.017d6ea4-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
UxM2U4jEHw4DYwuY_JCWcBxAYgS2_JE2
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y3P9H1YVPCYW5A
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2704
x-amz-id-2
fOJjkf623X4+LNu7HUnbPEqkESbCVUXfegtTcDGCJTSYPYnZIMHyyD/3Rdyml/9Mp1DAV3/tTMA=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.233988,VS0,VE0
etag
"3eccc20152284ae6154ef68728b49a85"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1622
ajax-aggregate.666f66ea-1.232.0.min.js
js-agent.newrelic.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/ajax-aggregate.666f66ea-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
P1.nxkPqX_AEcic3nbSwWvQGlnr.3FTJ
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YAMGSAT4509J8D
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2159
x-amz-id-2
+/vlhDJIBkrB07I08TN2xKY9QCT+tReD92GfPWcSfMLZ777mczQvriIxrhC3OuLLFI+tLbuC4X0=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.234430,VS0,VE0
etag
"6f55903bceeb36daf6c5579103364266"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1551
session_trace-aggregate.c0ef217a-1.232.0.min.js
js-agent.newrelic.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.c0ef217a-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
g_UxNBJ25wtvYc3oM8Pj1uCRZQPEEsvZ
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YBT10PFQDKE050
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3302
x-amz-id-2
F/iivEdVcfTjYq8AJFOWGRk4GEFQq3Y9nQ2WJaA8DbfFJtDlso2/z2dRKKVQr/qXereUel72lF0=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.234833,VS0,VE0
etag
"8658ef92a475808fc6ed23b10731217d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1611
page_action-aggregate.64dc4751-1.232.0.min.js
js-agent.newrelic.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_action-aggregate.64dc4751-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
K0wCLFJIIdjTzGgJZSujBvyTIxwFP3oQ
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y9SYP2S871NYYN
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
985
x-amz-id-2
wXfzGJOuvfsWptsVhCX8TS9ZOOpumIcusC5MtXYWezjm85aH+z+a4UhZtORNDBtZ1lQIvruadOE=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.235135,VS0,VE0
etag
"19f8af5dbc48da5cec8a15e4e37572a2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1604
spa-aggregate.342172b1-1.232.0.min.js
js-agent.newrelic.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/spa-aggregate.342172b1-1.232.0.min.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
GBrIcCPmmG.WN_66aFejQ6H_fNPpwe_q
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 03:43:24 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YAJ6WYP1J8ME4A
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
6574
x-amz-id-2
VgAy+MrhxuFl5jVpUDdrAu+k2F0/keKUs9t2baLmPjDCGwinsdlSaDKFL2sbJxn1je0+kg2OvCU=
x-served-by
cache-fra-eddf8230135-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684467804.235478,VS0,VE0
etag
"cd8a824b2ab07e7b696cf7565028153b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1299
NRBR-70564e4017ab43d3811
bam.nr-data.net/1/ 		49 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRBR-70564e4017ab43d3811?a=1042096865&v=1.232.0&to=ZVVVbUcDW0JZWxYIV1wfdlpBC1pfF3wQFEhTXGtXWgZQbXtXDBVKXVxbXEc%2Be15cXTQIXUVzWFdBEFpdVF0QTAZEWVJO&rst=3791&ck=0&s=0&ref=https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&ap=339&be=220&fe=3493&dc=1512&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1684467800454,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:23,%22c%22:23,%22s%22:29,%22ce%22:44,%22rq%22:44,%22rp%22:220,%22rpe%22:230,%22di%22:1721,%22ds%22:1721,%22de%22:1732,%22dc%22:3707,%22l%22:3707,%22le%22:3712%7D,%22navigation%22:%7B%7D%7D&fp=1571&fcp=1655&at=SRJWGw8ZSEw%3D&jsonp=NREUM.setToken
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7c9955e10bae198f-FRA
collect
e.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.straitstimes.com
Date
Fri, 19 May 2023 03:43:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
activeview
pagead2.googlesyndication.com/pcs/ Frame DF3C 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3359IRUU6OCe9PeR8gbBOA4DT1jnok3hV3jfqfJv9SSH6tOL662q61b3Vh-EdUwFw56pt2xT8eM0UrA3J2LEgVI4&sig=Cg0ArKJSzClku2Z6_Zq4EAE&id=lidar2&mcvt=1000&p=68,315,318,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3096957225&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684467802871&rpt=379&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 03:43:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame AF1A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gs5l08OhFMgAizHu5V5vPM1me-FCwMa89wlcJSyq08RwaJnJBqWZrAKOmO9Aqu2hFLIhB4dx23t88sahKDBJb2rn24ZOw2ip5Zf-ZqiKCg6EX-dNdpNgqCar2AnKLcp_nURgtAfbODNQeAazd-SADDoYKVhbCGxBqp_OPMFEXQ7fZb5-xO6sgzfAzPstmLgSNneEvAh23HRuGQx5UXP1D0oyfeCEJD4aUM6pguqu3ZzYXuExB85bH--1AvQNWCEzMsezmw&sds=2&rev=86437&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGbwWgAKQEAK4DeWAAERujJwC0ceHIEJPvBj7Q&u=%7Cj3e0nSif39JBK%2BwbNWYHU162yFS%2F5oFypXP%2BPN8A0pA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy1m8Dl5fsIQlTl93wzoIAXJHDIf_jrY6uunqMqJdZY7W4skEbYyi2ntA6iUE72UlgUsbDsZiJ3dXwSu5QVzQW4vmMnbZY19AaBAufdM3eJyPgOQoIqjWSRNxVvLRqCbJGjxryNfNhhLFXEBsCkqTb3bLqeEx0CRaedTTbZFn00IGq3DEEaoF0UJiKEO5kjaKNvEOS3neAPcBJVon9vMA6x_F_eV5nhb7Px966H_aIxuIFcXBMHPs5CtKN9EU9a9y1xjb2Vs1gQUpcn--EjHWFgAK_OTpxhQ_gsQokSDXgh8ZRJO0L0SznD2mjyFO39qs5snoCAeRN8bBnkKTemldVimMhuM8dWbvfbOxFYtCsxf84CuZJQ6uMK5u2QSUFRChvsS7WuI0Khw0G1cIP5ownukiYZ_6mkkzFyLRAv6mvtwh60m0bmQtHavJ63q9NrteWhG-rTm0aOrcxc_ssl67AprKGZIO2n1TFvemfP_VU2jG-GRQpMDbyK9I_k25QC_DJkYFs97orso_4iS4XRrtrzaTyb0wdZW4DQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP6GfWvBmZMCAKZbvgAe6o4SwDsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAyNDU1MTY2ODExNDAyMcgBCakCfx_fdvMSsj7gAgCoAwGqBNgCT9BMJGi8wYIq3v2J7IutlIC_-Ic1AQCfv2fJLCDE4hfzC7TDPeI4KeRvsPD_2aCHxEdVjvtJ0hhxpr05kfDQwB1-uZDMv57jqzdzi-a06x9O-NSJrUAEBqkEBvi1GGTUemngX8gCV7YVy-cSpcqimOcubSPYO1qUDuUrczcM3RpM7S5gjPOpyMgQdo78ZH5K5m9L_zyuHhFZunkhzNYYq-9RDSSlybNGTik2x7UukPZUW7xgLgsUu_-d0JGV6hg-b0raEIs0hqNcMwk6cVNlmA6urhT-RXsnzQ6tSYNBQDh1aE-29l5YtCkSgN9NA5VzZ8yfNbiAwU2vwj7OL1SQ0oUOh51V6PSw77BoreJPmjpFWOmo-baYd8epvSbcD8BvaWurUb3lZ8SPSXQDWGxLU-yy6k4DOn_CRnRbKW69_EbviaDrgAFdPurrNBeX7Rel39_oyGXkOxDgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ewIXyjLsbTH8MhAjeaWgWpnj6HQ%26client%3Dca-pub-7024551668114021%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 03:43:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 May 2023 03:43:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AAD5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 May 2023 18:05:24 GMT
expires
Fri, 17 May 2024 18:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0B26 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e16a06ceba1b4d7f887ffec9ce17d20732423e97425e2cbe74f1ac8547256cef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mECyTxrKYKil58vJLjNnVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-mECyTxrKYKil58vJLjNnVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 03:43:24 GMT
expires
Fri, 19 May 2023 03:43:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
pagead2.googlesyndication.com/bg/ Frame AAD5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 13:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
138181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14627
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 May 2024 13:20:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0B26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=314366816052922&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame AAD5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RCd1BQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
NRBR-70564e4017ab43d3811
bam.nr-data.net/events/1/ 		24 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRBR-70564e4017ab43d3811?a=1042096865&v=1.232.0&to=ZVVVbUcDW0JZWxYIV1wfdlpBC1pfF3wQFEhTXGtXWgZQbXtXDBVKXVxbXEc%2Be15cXTQIXUVzWFdBEFpdVF0QTAZEWVJO&rst=4202&ck=0&s=0&ref=https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 19 May 2023 03:43:24 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.straitstimes.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7c9955e31d79198f-FRA
Content-Length
24
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=ab403253-b305-47fa-a31b-3efb2473166f
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c098007d436f9470867ef05cea335a664366529e1650d26ddbe4fac1de6616be

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 May 2023 03:43:25 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.straitstimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=314366816052922&bg=!8POl86fNAAYldGN0BXQ7ADkAdvg8WgVt-T7EmvT9VUFjpf88IVWmPIXyEZCxXO_3MGfs3aDPUkKe06GLblTqOASqGoScBLE9c5gCAAAAY1IAAAACaAEHCgAHumQiCvlQcJkCoJ92JPYP_WT84s2YOFiEjma1eWZJPw2tJrRMU1-mTvRiInu5R7HXus82kyJWaM3VCv6-3PntQmVA20yvckzhyb5sRFUPmM89m-jW0hVXfJpov4TGmSVyAoIf7wOfbez75N4pTzoO0UIym7ZPmxmv52Tx-ffQk5Jajcojspy0q9DWhXpwL009goDY7mOxn0A3blhBO7fM6uzNRLmhnJoTrykhYBTB20bi1jGAlBJhpK_h_ApHxu8QirkjjhBbgXNdGh9Yg7DJ5BXtbHewfpgU8ru6BTl8sV7IO5_DR2dvdjclKReXXyBKOgQIpCZlqNfRAEUqhDIhaSeX3zilKDeYGNiU5CV3ggeSa8MtUkIWZI7nUGYPnOu8jbYxOE53JW33rhCM4XE_rhDYro_SAH7Xu6Z37Wt-5UvRZDfGq5P-DIDA5JspU28nJweZMTdaM-TUU7ElU_FrEnq6Z3jkdvRBftgad97RRf5o58UBv_XHrEH3T3KNh92gr9xKo1Y6ZCIzL5kqddn0wuIMOhuFiGtKWerSs7eWTSk6A0-yOptSVLTl-S1qrCYf7-WsNhIgvWZfoN1CsA4uCpqhA6qVIncHANcq-d3wMJgQjZJiI0esb2nYQi47iRCI5S1D7OZZBgKQekC3aaFP1j-GlHE4k75WYxXHycA6Z2wtRhOPM-023usPyyKb3ZkG4i95Q4EZQR6i9E2Vt96kv9-HrmUnJH2DhJrnsq9WxVCe7mhI2FFSj7cRYzsBrPKoqjvcuh8cFiEkttJ-2utuUe7-j-G8-mT2hJ6aaRtt4qmqeLkjVwwlKw-B1J42mT7zK8ay5ywCRwJGnAjoHImPF6Dw5HbHOfVGsqHc0ePkwyli4CorW_r79i32ocOni6_UKTnlzza9SaDDTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
unip
trc-events.taboola.com/1070961/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1070961/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=0&ssd=1&est=1684467804214&ver=36&isls=true&src=i&invt=1500&msa=7854&rv=1&tim=1684467805774&vi=1684467804211&ri=a90fb3e270236be0e3420bf847acf8b6&ref=null&cv=20230511-7-RELEASE&item-url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://www.straitstimes.com
pragma
no-cache
date
Fri, 19 May 2023 03:43:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
tagweb.straitstimes.com/g/ 		65 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tagweb.straitstimes.com/g/collect?v=2&tid=G-MQEMTJBF6J&gtm=45je35h0&_p=1629550037&cid=1849208897.1684467802&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sst.uc=DE&sst.gcsub=region1&_s=3&uid=&sid=1684467802&sct=1&seg=0&dl=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping&dt=Woman%20who%20scanned%20QR%20code%20with%20malware%20lost%20%2420k%20to%20bubble%20tea%20survey%20scam%20while%20she%20was%20sleeping%20%7C%20The%20Straits%20Times&richsstsse
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.219.231 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (sgb/C79B) /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 May 2023 03:43:28 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
ECD (sgb/C79B)
x-vmg-version
v10.5.33
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.straitstimes.com
cache-control
no-cache
access-control-allow-credentials
true
sync
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:43:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
unip
trc-events.taboola.com/1070961/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1070961/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=0&ssd=1&est=1684467804214&ver=36&isls=true&src=i&invt=3000&msa=7854&rv=1&tim=1684467808775&vi=1684467804211&ri=a90fb3e270236be0e3420bf847acf8b6&ref=null&cv=20230511-7-RELEASE&item-url=https%3A%2F%2Fwww.straitstimes.com%2Fsingapore%2Fwoman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Requested by
Host: www.straitstimes.com
URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://www.straitstimes.com
pragma
no-cache
date
Fri, 19 May 2023 03:43:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

608 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 boolean| credentialless object| gs_channels function| getCookieByName object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| loaded_dfp_tags boolean| canRunAds number| outbrain_enable number| overlay_validity number| catfish_validity number| postitial_validity number| prestitial_enabled number| postitial_enabled number| catfish_enabled string| key object| keycode number| topOverlayImpressions number| topOverlayImpressionsServed object| dfp_preview_ids function| getCookieValue function| setCookieValue function| querystring object| dfpObj function| reloadScrollBars function| continueToSite function| unloadScrollBars function| parse_query_string function| kill_postitial function| closetopoverlay object| match function| get_sph_uid function| get_cookie function| set_cookie function| save_suid function| get_suid_from_local_storage function| get_suid_from_server object| _data undefined| visitorcat undefined| svc object| permutive_keys function| per_getcookie string| per_suid string| sph_seg string| per_userid number| c_start number| c_end object| permutive boolean| prebid_script_load number| prebid_sips object| pbjsChunk object| pbjs object| ADAGIO number| zbsg_megalb object| prestitial_domains object| postitial_domains object| catfish_domains number| is_sphm_site object| sphm_domainames function| getthedevicebids string| DeviceforBids function| parseQueryString object| URLParams function| straitsTimesOutstreamNotifcation string| val_test_adid string| val_test_plid boolean| val_prebiddebug function| isIE function| isInArray object| currenthost_temp number| PREBID_TIMEOUT boolean| lazyload_device number| megalb_active string| randImpression object| imu1_lazyload_sites boolean| lazyload_extended object| lazyload_adunits function| receiveMessage function| escapeRegExp function| replaceAll function| converysizearray string| currdomain number| Screen_width number| skin_safe_area object| sphl_domains string| skinver object| sphl_site_width number| domainIndex number| skin_space undefined| vwidth undefined| skin_space_v object| adUnits object| dfpadunits_temp string| ad_unit_loaded_across_page string| FVCOOKIE string| FVCOOKIEVAL function| fv_setcookie function| fv_getcookie function| getMetatag_fromsite number| article_page_is number| transadloaded number| catfish_req_on boolean| TOLStatus object| TOLSites undefined| sttags object| valid_anchor_sites object| invalid_anchor_urls object| valid_hb_units object| valid_lazyload_sites object| domainames object| teads_placementids object| teads_pageids object| teads_placementids_banner object| teads_pageids_banner object| teads_placementids_display object| teads_pageids_display number| intIndex string| teads_pageid string| teads_placementid string| teads_pageid_banner string| teads_placementid_banner string| teads_pageid_display string| teads_placementid_display object| playgroundxyz_placementids string| pxyz_placementid object| dfpadunits boolean| DYNAMIC_AD_DISABLED object| OBPlacementID object| valid_outbrain_sites boolean| restrictAdStatus string| key1 string| appnexusid string| tripleliftid object| temp_adsize string| temp_adunits object| outstreamsize object| split_adunit undefined| adRefreshAdUnits undefined| adRefreshAdUnitsLoaded undefined| adRefreshAdUnitsDetails undefined| adRefreshMaxStatus undefined| adRefreshAdUnitsRendered undefined| adRefreshAdUnitsActive undefined| adRefreshAdUnitsStatus undefined| div_desktopdyn_main undefined| tempAd_desktopdyn undefined| div_dyn object| desktop_prebid_size object| unitstoload object| unitsloaded object| adunitslotmap object| dynamic_ad_list function| lazyloadadunit number| adspacing_height function| onScrollEventHandler_lazy function| removeArrElement function| getlazyval function| elementInViewport function| EnableListener_rhsdyna boolean| dynamic_adslot_status boolean| shift_adslot_status number| rhs_space object| dynamic_adslot_list undefined| dynamic_adslot_cnt undefined| LHS_ID undefined| RHS_ID undefined| max_dynamic_adslot_cnt undefined| stickyEle undefined| stickyEleFlag undefined| imageTemplateEle undefined| imageTemplateEleFlag function| lhs_rhs_checkNLoad function| addNewSlotRHS object| disableadunitPrefix function| disableadunit function| customAdRefresh function| adunitCheckScroll function| removeStickyDiv function| removeStickyDivAnchor function| sendAdserverRequest boolean| rhs_preview_flag string| cname number| user_sub undefined| cval object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA number| show_catfish number| show_overlay object| expiry object| mapping undefined| $ function| jQuery function| once object| drupalSettings object| Drupal object| Cookies function| ownKeys function| _objectSpread function| _defineProperty object| token_data function| loadSubscriberContent function| SPHWave_Wrap function| SPH_CDP function| SPHWave string| GoogleAnalyticsObject function| ga object| _sf_async_config object| dataLayer object| lotame_12374 undefined| postitial_redirecturl number| prestitial_timer function| bindPostitial object| _mySPHObj object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill undefined| element function| btnClick function| overFunc function| outFunc function| btnClick2 function| obApi undefined| outbrain_elements function| Popper object| _cb_shared function| lotameIsCompatible function| lt12374_ba function| lt12374_b undefined| lt12374_c undefined| lt12374_ca undefined| lt12374_da function| lt12374_ea object| lt12374_e function| lt12374_fa function| lt12374_g function| lt12374_ha object| lt12374_ object| lt12374_na object| lt12374_oa object| lt12374_Na object| lt12374_Xa object| lt12374_Ya object| lt12374_7 function| lt12374_aa function| lt12374_a function| lt12374_d function| lt12374_f function| lt12374_h function| lt12374_ga function| lt12374_ia function| lt12374_i function| lt12374_ja function| lt12374_j function| lt12374_k function| lt12374_l function| lt12374_m function| lt12374_n function| lt12374_la function| lt12374_ka function| lt12374_o function| lt12374_p function| lt12374_ma function| lt12374_q function| lt12374_r function| lt12374_s function| lt12374_t function| lt12374_u function| lt12374_sa function| lt12374_pa function| lt12374_qa function| lt12374_w function| lt12374_ra function| lt12374_x function| lt12374_y function| lt12374_z function| lt12374_A function| lt12374_v function| lt12374_B function| lt12374_C function| lt12374_ta function| lt12374_D function| lt12374_E function| lt12374_ua function| lt12374_F function| lt12374_G function| lt12374_va function| lt12374_H function| lt12374_I function| lt12374_J function| lt12374_L function| lt12374_M function| lt12374_N function| lt12374_K function| lt12374_wa function| lt12374_xa function| lt12374_O function| lt12374_ya function| lt12374_za function| lt12374_Aa function| lt12374_Ba function| lt12374_Ca function| lt12374_Da function| lt12374_Ea function| lt12374_Ia function| lt12374_Fa function| lt12374_Ga function| lt12374_Ha function| lt12374_Ja function| lt12374_La function| lt12374_Ka function| lt12374_Ma function| lt12374_P function| lt12374_Oa function| lt12374_Pa function| lt12374_Qa function| lt12374_Ra function| lt12374_Sa function| lt12374_Ta function| lt12374_Ua function| lt12374_Va function| lt12374_Wa function| lt12374_Q function| lt12374_Za function| lt12374__a function| lt12374_0a function| lt12374_R function| lt12374_S function| lt12374_1a function| lt12374_T function| lt12374_U function| lt12374_2a function| lt12374_3a function| lt12374_4a function| lt12374_V function| lt12374_W function| lt12374_X function| lt12374_Y function| lt12374_5a function| lt12374_8a function| lt12374_7a function| lt12374_6a function| lt12374_Z function| lt12374__ function| lt12374_0 function| lt12374_1 function| lt12374_4 function| lt12374_$a function| lt12374_bb function| lt12374_ab function| lt12374_db function| lt12374_cb function| lt12374_2 function| lt12374_fb function| lt12374_hb function| lt12374_gb function| lt12374_3 function| lt12374_9a function| lt12374_eb function| lt12374_ib function| lt12374_jb function| lt12374_kb function| lt12374_lb function| lt12374_5 function| lt12374_6 function| lt12374_mb function| lt12374_nb function| lt12374_ob function| lt12374_pb function| lt12374_qb function| lt12374_rb function| lt12374_sb function| lt12374_tb function| lt12374_ub function| lt12374_vb function| lt12374_8 function| lt12374_yb function| lt12374_zb function| lt12374_xb function| lt12374_wb function| lt12374_Bb function| lt12374_Ab function| lt12374_Db function| lt12374_Cb function| lt12374_Eb function| lt12374_Fb function| lt12374_Gb function| lt12374_Hb function| lt12374_Ib function| lt12374_Jb function| lt12374_Lb function| lt12374_Ob function| lt12374_Nb function| lt12374_Kb function| lt12374_Rb function| lt12374_Mb function| lt12374_Pb function| lt12374_Tb function| lt12374_Sb function| lt12374_Ub function| lt12374_Qb function| lt12374_Vb function| lt12374_Wb function| lt12374_Xb function| lt12374_9 function| lt12374_Yb function| lt12374_Zb function| lt12374__b function| lt12374_0b function| lt12374_1b function| lt12374_$ function| lt12374_2b function| lt12374_3b function| lt12374_4b function| lt12374_5b function| lt12374_6b function| lt12374_7b function| lt12374_8b function| lt12374_9b function| lt12374_ac function| lt12374_bc function| lt12374_cc function| lt12374_$b object| bootstrap object| tabbable function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| getUrlParameter boolean| isArticlePage number| emptyBICount function| iFrameResize object| queryly object| searchPage object| rewards_timer object| d number| n number| lbshown object| articleData object| sphwaveData boolean| isPropensityScoreReceived boolean| isLdapLoginDetailsReceived boolean| sphWavePaywallInitiated function| swClickedNewsletterSignup function| checkValidEmail object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| gaplugins object| gaGlobal object| gaData function| loadScript function| initNeuron function| initNeuronCallback function| ready object| a2a object| a2a_config function| a2a_init object| google_tag_manager object| ats function| OktaAuth object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| _cbq object| dotq number| gtmPageLoadId object| GooglebQhCsO function| fbq function| _fbq object| _fbq_gtm_ids undefined| a object| gfkS2sConf object| agent object| gfkS2s function| s string| e string| aud_url object| post_json string| apiKey object| xhttp function| ga_event function| apiObj object| _cbm function| gtag boolean| ldapLoginDetailsReceived object| sas object| apntag object| _ADAGIO function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init object| google_optimize undefined| ProductFamily undefined| ProductFamilyUserType undefined| ProductFamilyAcctPackage undefined| ProductFamilyStartDate undefined| ProductFamilyPromotion string| userId undefined| ms function| onYouTubeIframeAPIReady function| lintrk function| UET function| UET_init function| UET_push object| pSUPERFLY_mab object| pSUPERFLY object| s2sSdkConfig object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| getLocalCookie function| setLocalCookie string| push_aid_cookie object| aid_valid_domainpath object| aid_valid_path object| aid_valid_domain object| aid_siteid string| selected_domain string| aid_siteid_selected number| aid_domina_pos string| local_aud_key string| suid object| ueto_ffed6c554c object| uetq object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| YAHOO object| temp1 object| temp2 number| campaign_id object| mpaValues boolean| articlesFullyConsumed function| clarity object| clarityuetq object| ONFOCUS object| Neuron string| Optin_field_ids_new string| Email_source_new function| clickedNewsletterSignupCampaign object| _smtObserver function| handleGoogleOneTapCallback function| handleGoogleOneTapNotification object| _tfa function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| GoogleGcLKhOms object| google_image_requests

61 Cookies

Domain/Path Name / Value
www.straitstimes.com/ Name: sph_user_country
Value: DE
.sphlabs.com/ Name: suid
Value: a4ac49ff02dd406cabff56062ba5d9ea
.straitstimes.com/ Name: suid
Value: a4ac49ff02dd406cabff56062ba5d9ea
.straitstimes.com/ Name: permutive-id
Value: 48c5b0bb-1ee3-4b69-90a0-a0acad390169
www.straitstimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.5f876161-9740-4cc8-9b64-4585990b2690.prmutv.co/ Name: pxid
Value: 5795f417-a193-4d0c-8f4d-d2a6f14a8da2
.straitstimes.com/ Name: lotame_domain_check
Value: straitstimes.com
.straitstimes.com/ Name: _gid
Value: GA1.2.1705824386.1684467802
.criteo.com/ Name: uid
Value: ba5d6fa4-1d71-4f15-a486-26a4f4c9ab48
.straitstimes.com/ Name: _gcl_au
Value: 1.1.800453107.1684467802
www.straitstimes.com/ Name: mySPHUserType
Value: y-anoy
www.straitstimes.com/ Name: visitorcat
Value: 1
.straitstimes.com/ Name: _dc_gtm_UA-11908285-1
Value: 1
.straitstimes.com/ Name: _cb
Value: DHlK30BgrYkiDoQoJO
.straitstimes.com/ Name: _chartbeat2
Value: .1684467802506.1684467802506.1.B5NogWCWAhxCDGpWdxBjKAlsBsmaqj.1
.straitstimes.com/ Name: _cb_svref
Value: null
.adnxs.com/ Name: icu
Value: ChgIprRIEAoYASABKAEw2uCbowY4AUABSAEQ2uCbowYYAA..
.adnxs.com/ Name: uuid2
Value: 3039682348066643209
www.straitstimes.com/ Name: AWSALB
Value: IH9SdSgeqkbVeJixcXkdLdSG+jRyri6Cdw4Qy+/tPcyPmKdC0kYlD5EeM7nDbd0G5UQm+ZlXolBedzn4RbsurdXrZVTXHjO+mch+x4m/pxv7r3Icl+MgyZjksF6k
www.straitstimes.com/ Name: spgwAMCookie
Value: 46bf24c91e5d89f7aa99a316189d2210
.bing.com/ Name: MUID
Value: 1AF02F0E251163E9138A3C18247A620B
.linkedin.com/ Name: li_sugr
Value: be96dbd3-3295-4ab3-81f8-281411f98314
.linkedin.com/ Name: bcookie
Value: "v=2&7e389ef2-04e6-4188-8ab1-21e045f9cc8b"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2674:u=1:x=1:i=1684467802:t=1684554202:v=2:sig=AQEvEjkZRzrO6pmuCwzb46bObvAv4jyG"
www.straitstimes.com/ Name: ln_or
Value: eyI0NTA5NDQ5IjoiZCJ9
.straitstimes.com/ Name: cto_bundle
Value: -4p6w19xJTJGbWw2RGJrZlNoZHVFVzB5Sm4yJTJGR3FNSzdISXdqRVZ1JTJCUG1NUEpjTnRuSSUyRmlnWWZnckJFVlRnSVZ4UVExNlpZaXJYSnNkdG9DWjNRd01vRFA1ayUyQmN3Q1JSWXIyUUVCa0xsU25ScHo0QlJMQVNGWllGVVpIJTJGWkhCUHJ6JTJCU0Q0WXI2U2QlMkJ3S1FCU3Q5aWd2NUNCMU03UlMwV3dCZTBSc09jOUJzayUyRldKSFklM0Q
www.straitstimes.com/ Name: sui_1pc
Value: 1684467802657AD926366A5B74D5D0C1216E6497DDE3752FCC8E4512
.sensic.net/ Name: sui_3pc
Value: 168446780266631304E95468002E5E6CFDE40A1EDC5D8A49FC6CFA0E
.straitstimes.com/ Name: _fbp
Value: fb.1.1684467802671.572614388
www.straitstimes.com/ Name: outbrain_cid_fetch
Value: true
www.straitstimes.com/ Name: topOverlayImpressionsServed
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQITUrhYug-jSwAAAYgyGuJHW6OITaO_fBfWCYlnxzw626ByZD85k51Lo-X6aE22YtagH0ciR9htCw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKVJEv61ZBKvAAAAYgyGuJHZpVA2Zb_-6mdgW6aKVWCFmw6gu3LErfncrcetbYA6CfqyvE04mXZI6pQT5Zt6g
.yahoo.com/ Name: A3
Value: d=AQABBFrwZmQCEB5ORmwJ0q97aV7UVEiiCgoFEgEBAQFBaGRwZOANyiMA_eMAAA&S=AQAAAq4Hld9Fk4kYvXc5aShwROg
www.clarity.ms/ Name: CLID
Value: 3c95faaaa6ec4bc1b52c1cc8bbc8e377.20230519.20240518
.www.linkedin.com/ Name: bscookie
Value: "v=1&202305190343226653a4c5-4f6f-494c-8ec7-573bb14d8bd7AQEE5YwHnrt4dMC39Dsoo4YV7bLgjb_W"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQ0Njc4MDI7MjswMjEMcfLkXd742z1h+SKgKukTiy8B/5wwLVnM1wn4t8HOIQ==
.doubleclick.net/ Name: IDE
Value: AHWqTUmeTeouYnGLZQRNxQR6Il-v3V7z58NCHVIJ3vMpGDdsksQ2VJjZqnTlusDcLfo
.straitstimes.com/ Name: __gads
Value: ID=2a70bffdf9529e79:T=1684467802:S=ALNI_MafCBLzTZfQCWEnWAxAXtXf7gWb2w
.straitstimes.com/ Name: __gpi
Value: UID=00000c1862cddc48:T=1684467802:RT=1684467802:S=ALNI_MYygOo6-IdpNTURFI7wpzoW0vFpuw
www.straitstimes.com/ Name: UserFirstVisit
Value: 1
.straitstimes.com/ Name: _ga_MQEMTJBF6J
Value: GS1.1.1684467802.1.0.1684467802.60.0.0
.straitstimes.com/ Name: _clck
Value: jdc18v|2|fbq|0|1234
www.straitstimes.com/ Name: neuronId
Value: fe4c899d-d412-46de-9e03-19e9fa88067f
idp.mysph.sph.com.sg/ Name: DT
Value: DI1XY_xfO20RPyAXv3c97H67g
.straitstimes.com/ Name: FPID
Value: FPID2.2.qHSpzUIJEQ14KQzuoWeTmMei8R%2F8%2Fkpciu6i%2ByDDLzU%3D.1684467802
.straitstimes.com/ Name: _clsk
Value: 5n22q2|1684467803450|1|0|e.clarity.ms/collect
.straitstimes.com/ Name: _gat
Value: 1
www.straitstimes.com/ Name: AWSALBCORS
Value: 5BxANXwsPYmz/+xYWfTpOvtCKJCU8b1czAj1xk7CzpkkF54pKjki8DmMYfJ8sV2oit6VUuMlPQIPeEReh8p+ED7ge0dxcwp9lSgyOLRQzSpHI6q6EqC1AI6fclS9
.straitstimes.com/ Name: _ga
Value: GA1.2.1849208897.1684467802
.straitstimes.com/ Name: _gat_UA-11908285-1
Value: 1
.straitstimes.com/ Name: _uetsid
Value: 4d936cd0f5f711ed97ae7501f6684a52
.straitstimes.com/ Name: _uetvid
Value: 4d937700f5f711ed9cad797c700f270a
.straitstimes.com/ Name: sessionStatusST
Value: 1
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1AF02F0E251163E9138A3C18247A620B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1AF02F0E251163E9138A3C18247A620B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.straitstimes.com/ Name: FPLC
Value: j419xnllzj7lD%2FH8Dlrw1%2FgyohzhVwgF4TAsrrDnJBKz6oIdXjjQN334TFguDr%2FBQVKFACPPNeUuyBe22v6Ofv580wgfaqcqJzfz5i9RlJnUPHDttxAbTETxx1n%2B5w%3D%3D

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript warning URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.queryly.com/js/queryly.v4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.queryly.com/js/straitstimes-advanced-search.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.straitstimes.com/singapore/woman-who-scanned-qr-code-with-malware-lost-20k-to-bubble-tea-survey-scam-while-she-was-sleeping(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1684467802528bdf94ceb08543450737941e2aa1e7646dac90ec9179.trk.sensic.net
308cfffc34b6c4909d9bf6ff17f0d460.safeframe.googlesyndication.com
5f876161-9740-4cc8-9b64-4585990b2690.edge.permutive.app
5f876161-9740-4cc8-9b64-4585990b2690.prmutv.co
a.teads.tv
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adtag.sphdigital.com
amplify-imp.outbrain.com
amplify.outbrain.com
api.permutive.com
b1-nydc1.zemanta.com
b1t-nydc1.zemanta.com
bam.nr-data.net
bat.bing.com
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
cat.nl3.eu.criteo.com
cdn.linkedin.oribi.io
cdn.permutive.com
cdn.taboola.com
cdnjs.cloudflare.com
cdp.activation.sph.com.sg
cdp.sph.com.sg
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
dsuwzj1tch87b.cloudfront.net
e.clarity.ms
eb2.3lift.com
fc-id.sensic.net
fonts.googleapis.com
global.oktacdn.com
googleads.g.doubleclick.net
graph.facebook.com
gum.criteo.com
highway.cablecar.sph.com.sg
ib.adnxs.com
idp.mysph.sph.com.sg
imageproxy.eu.criteo.net
js-agent.newrelic.com
mab.chartbeat.com
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
neuron.platform.sphdigital.com.sg
pagead2.googlesyndication.com
ping.chartbeat.net
px.ads.linkedin.com
px4.ads.linkedin.com
rtb.nl3.eu.criteo.com
s.yimg.com
sb.scorecardresearch.com
script.4dex.io
securepubads.g.doubleclick.net
segment.api.sphdigital.com
sg-config.sensic.net
sg2-s2s.sensic.net
snap.licdn.com
sp.analytics.yahoo.com
static.addtoany.com
static.chartbeat.com
static.criteo.net
static.mysph.sph.com.sg
static1.straitstimes.com.sg
stats.g.doubleclick.net
streams.cablecar.sph.com.sg
suid.sphlabs.com
tags.crwdcntrl.net
tagweb.straitstimes.com
tlx.3lift.com
tpc.googlesyndication.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
widget-pixels.outbrain.com
widgetmonitor.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.queryly.com
www.straitstimes.com
zem.outbrainimg.com
104.19.150.54
13.107.42.14
13.225.78.116
13.225.78.89
13.248.245.213
13.32.99.105
141.226.228.48
143.204.215.113
143.204.215.13
146.75.122.132
151.101.129.44
151.101.194.244
151.101.66.137
152.195.53.10
152.195.53.15
162.247.241.14
178.250.1.6
178.250.7.13
18.138.40.123
18.156.109.169
18.198.157.165
18.66.147.116
20.62.48.180
2001:4de0:ac18::1:a:3b
212.82.100.181
23.32.185.60
2600:9000:2057:2c00:18:1fcd:353:c61
2600:9000:20eb:dc00:2:53b2:240:93a1
2600:9000:21f3:9600:1:d14c:f1c0:21
2606:4700:10::6816:46c5
2606:4700:20::681a:9a9
2606:4700:20::681a:d56
2606:4700::6811:190e
2606:4700::6812:1af
2606:4700::6812:272
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::11
2a02:2638:d::13
2a02:26f0:3500:16::215:148d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::714
2a05:d014:5d3:cea0:34bd:20cd:7c62:c2d5
3.33.189.110
3.65.115.184
34.107.254.252
34.233.50.152
35.241.9.51
37.252.171.22
52.220.136.47
52.74.214.156
54.251.221.242
65.9.66.122
68.219.88.97
70.42.32.191
93.184.219.231
95.101.149.35
99.80.210.150
010b53f7b538cbef07714dcb22bc9d39885f256afe2aabf9d052ea176993f018
020a2896207f6fc0e3049c12d142bb90b7ac5714f67c359d5d2281b17a30a424
02360bb4eb2cb2037c092779b42eb4cbecb475c8804f7a68003e3155626fa932
0290fdc22f5cf8783b24efd2eb704403aaf2afc96a52d69e527d1b09cd0b0656
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
043047ec8694e32c6498cff8ea488d659470307a36817a96eb66c40e14b92245
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06ae5cc5fb744927cc4bd0b2907cd069d4f1c90fef770f4aac917932d2ccc75a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09c1fbd26a103bcde83f7a2d50005610cd877ab42f0b38238cf935fa11082564
0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625
0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70
0b65371560c43733fcb5bb2a71614bfb047e7387f5411dc7ec3c1976b14e197c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ee297397fc28cf7a50aa30a1003f55e2ea2bdd13780a84a2a756e7f56ded885
0f0b364913c2260d2a3eaeeaedf3626c4304fb05debb8ed5441078eb4bc72a1b
10b42a40f4bbaae2cf0cbe59014d93e28be7d44eb09dff0d7e293f80d1f57fa9
1410833a4b9958ff08508317d085a68078272672d349c301619a520cd3330c76
1443707e33c159f844861007792e296ae54e32cf3281a1ef42eadfad510cb8bd
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763
14f2a4a0b36e2390fafa550f948c568362a2a7e16b40dc42d694eaf2c5cd9708
1512463f897701d87d766364949a223110d89965798bbce1e42e816a2dba3b47
16b720b7860abd7d0d26be91cf128a3b67c9093b0b733670dce0d39a40fefcd4
17250e15dc2edf6265d11aed3980478c3c22786dd9d86568bf3e8ddb0dce08b2
1799233cf6f93c43add84e5e88214de28ed99ced16b99808501cc8b8df86657c
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
19bc8d0d045b7cd7c17ea5c5419a01f6fc82c075cfd69ef3592938d3587b0236
19e85307eda433237eead6bc21bfcd50ec3a7c23f6bbeae846e7e8552b357552
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496
1d21c450cb3b0efa2abcbe6f5c7842072b1928dd316b7579d2aae29bf8ba6ce1
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d5ead345bf4e3731048f416d5239d5362d57cf00a9cfe8ba943ae1bf5503c94
1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3
1ef82f679beb78304789826324d9929a71617e9532b954c2fc2815d02dc2a0ec
1f380910bbec59fdcb699957fc30da0f9d2cb0065ee0dbe2648b51b335dd159f
2214d60517cfeb885303081e243b0978c320aee263f034fca492af7dcbdacad5
2298e6d2bafbe82af2f8c1a4f963d9df7f04ecd5092a08bb06011f01ea9655c1
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
26397bfd8b42061dd946d0b7466e0e34a727cf96a549026d0d050b60f1bce4e3
26648cb12fd4409cda6ceaf6d58450b4b2688bd4c102020fbc3df2ac6107a113
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
2805fd496c26669f5b66da8300bf980da921a577f84af927b8cba0a2c1c8997e
299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
2d12bccd7551a7089e549840142f6fb09aebe90a45475cc59fb5ec784e37fe77
2d836b48dc4468c61264e5937be0c1f6bc6916e3bba1e5d21fda5172a534f273
2e4d6d03030653fa0131987d9c74e37e6660152e7c98d39457a372ad2629d328
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
307a31b947870ad9ea319a34e93b56eba0d869708e0076270eadba020f0ec5ce
309c67bbdd28747201250a034b9306ee6f2df7cf5ffa3633acb75389f28db979
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34169af71b02b45feb08dbe27772638c0b3bed26fe26d9f015b019be64e4389b
34290715b0d39c6330c9300bf299dd17ae80da8c6688025e29bc6c84e77792e4
34e0e8ab8d16b1f845707a7096cd89254799c692a4ee55e682359a2c4ce0b71b
35e82b6352906420583967f5c454ad18591a2706e635364ec162dc8e3d06eae0
376c5f84633bc49a8a825b7de7b5f182e26f7db1b01ed01ce89a09600287765b
37f82a178010cb9331e2c439ef565813de88acb2720976d527feb1736491fe73
387ac5624a9d22e342c4902c7a352a0f79352daa62e5459408971c778ad36aab
39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c1f1a014ec5788508816b9dd56daed240a8290e54e6d1ed5c451dd379ff84e7
3df1425dd2f62d5691f438779fe77fb918f267fa1c0f514de90a910a8b421031
3e5a605c4b8f71cf95ac4e56d649e4b3fc6f42ea974872a4fde33ecc3b6ee019
3ebbaf0128a5fee7c6aeeb33c8824dd3e292d4144f6706553403131d081336e3
3ec528caba65d3b52c1e68e36afad4498dd205848631c8949f0b786476611600
3f4130b699421ca1d61487160270d08ec3f4b0844b1f96deb7586d95a5b798ed
4337eb7f46ae1de9a83b1c8ab150ea218931cced5169fd2af1f0be998f93894f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44cf0c7aebe493ef98b42bd6f0af1892712b28fc0d3395b85817c78ebbe196f6
461acc1c7697f7679cee236146ca7488e86b05b367c88c3419a9df0cfa9d36ef
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4814499c0a1669451297c93c6340da87dfb284aad67a38d8ace7e20536b172ba
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48e1986c2e70526aa41e862378b58244d2003db194554bd5a5bb1abf88495b7c
4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d
4a7faa6dfcd1854a535efc4d1c1969ef3478f9a0e67bf974a5a78ef7e8ba7b9b
4aa81f02ca2ccd50cf0617825c6f8b117d7b4cd47a717a1856c6d16a99bfa822
4acb54f245d343ebffeabeff6316b38e8bad7c4dc8312e0423db4167e305caf3
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
4b00b23eca5aad09eabe59388bb88adea48a637a6a6f23a57a879a7bc8700cab
4b498019c05e4e3d4295a1638a04e7ea5ed01dd82d10c0669fc1c28030576c39
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e683cc12b13d657d9bf03f67c84e09643e8ef6f905fe3b737be2fcd9a8e0ba8
4fd7e963e4dc11a40bc21898c96824c2a7ad62161e29f1401eb06e6999333bc9
5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228
5377962f3fe67b50de2cc173022779a3c1863023426456b4a6abd71636ba0434
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9
558be362efdb18c56469da6e6a698af5c87d85ba12bfe659e1dd04cfd25d9d2d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
58e94da8dee50d29aa08f411befe5cba2a0fc9cf2bc8d5e01afcead7191f6688
595b1f54492aca5546cfd862e58a93a31b2f4f1e3b791a6b34ed8971823843b6
5a3dbbd4d8aebd72d7bcf95efa8bba9cff83dd18f76bf91c260242ddddcb1e15
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a7d1688d4c50a4b94a581c3e2e9cfde9c21aac5d47cf613499a3695134fb84f
5b3afc2931a8446ae45f2fb4e16d471433fb6bc0054d52666698610bddce5bf6
5cef9e47f0c45bb5c1488793d4f330d9d3e2cb07bdf712f3d476f5aeca2fdd4e
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5f3dfa122623ea2d2ec051fabbee5208b6d82b7cda5e7c8102dcb6e22533e21b
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
6106cf2ccd968384938dc8bb68302de982659074730381aaa3a6d3397bfa452d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
65834585813a0db1a2adfd9d6f71705c84d3d99da121fa270cc1d3a4518a0b90
65a3e478c17a881b9a4605d2761546417aebe4889f168b12c26e04e5eb942d18
66fce1b637ab64b90f5f6c6f41685a3b527ddc9b4a3c02c479cebc6f9afa9ba0
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
67ab62acaf584fbf6402167628b9dd33eae08210ffe2f1df97f4c76f9250c156
685a679e1ff660ec3e109260b30f7271b8c14acf8d41aa6be7bf9926f366234b
68aeb838cc13eb951f3c1dd00a94429d787da2c82d17fd38d59bc5695dd186e5
6a32becd453c345fcad410422051ab51d7457549d4cda2d8880359210c16d7d9
6a637a4886bd4923397cef1a73ed2e00f43ce83b9c1f1454b3f18c9045dbc763
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b76bfda032399c16e9c0ff8109454981539e83d70b48a1c1fe58e8e4d03c8df
6c2b6d0208ffafae5afbf007859e6c4174aa9b08f5516259cb298e1042fa0e2b
6d0cfea83d1380b73b5dd7fe9f798c27ddc2d86ed9c3c92aab786b8c9d0eefdd
6d813f169d6fbae58c03cf11c8630c9aa9cb65ebbeb2644d26ea04820fc2ed94
6dd70e7d53f6d0193b1fe38a3f616306530b4948028d6525367d062d49e36598
6e2ac4e77e57c5ca7d3577763c71b207c4ede6b86fd964fe0d04e32982ad54f3
6e5aa4447cea28e4346c50082ee26cf6bb07dcbc840c633684c3694efd2d9cc5
6edd1305e3bac47dd228c138f40f08592b59456e87a3eb807f1d32411f5a3c63
71140bbdcb84a9c0e034d9146d0044bc7f80b7b940c262e391a263a13acbffc4
7203a86775409711dddc8df5a54869481e5d352def7c920e31ccda5976a19973
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
740518add6d4c2f45138d463d092a7ebc231cef093c6bbda093b375b13b82dad
745336b6e87e607e59a03715eaf90a08492ef0ceef09b8c17cb49babfcda9b21
746a00022e9a7b0e2e456af3fde5cef49eebadaffb6245772b90b49de1795a9a
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
7570adb68a7fc245911e5f05879bdf49c228270d658ede5537f00fbe5834f473
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
779b0a096123ccfc9abcaeefd9e1cdcac7df4e81c8e21cc57b09d796d8249479
77a43710be29e3de77e03649591622f8254b140cc4fdb13af89e68113ec4aa6b
78848656869a408788c3e8a14793a32d1d260056d1e4757c9ad5d1d6e141dd54
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d749f48081229550b1757e869190b30789f4e1320907121b29345293b9a5794
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835b971b0367d87a44e8d6c919b9cc8d858887b9327e8573fd4852941876a37b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8575c35a14a220fa6aa1b955dfaa718873565fbdea1a11b1d83a3498e9651151
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
867bc5f109b3fae719e45ff52884dafcc4219764fe4cebeab82ab858b654a188
86af9cce24e84b8f68cb81e4590a47e5622a219c37279bb11ff63184e18e8621
86dbfc31fa1e1a75ce7d6595f33f53b7eb7f917084061fc2bf87bcb6fc20439b
88cdfbf212280a347ee341cf8e2536429a6b05fa14283b96662d5a5405854f68
89b409b82a82e4159afd9a7d4240426f723e28ea599002c9b7ab7f82f7122c6e
8ad8a4d550515be8818f5e29b35ae848061f2084d584771f0232c38d04923e37
8b7f0fbfbfac0e45aed6208c282b7701b93715cf4e99651b96990a121f2e573d
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918f37e0a3d838b34a1003f2dc3de23752d6042b376f0e5c817f35bcbaaa10b0
91c1c7f91d03f1b495f66967f5153516b41152958371ec0f6cec749834c22264
92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa
944142a5964e5c30c3eff355286f22cd47403aaa5e5e7d3b1018b8fad9a8f889
9446f1f8e996d3cf056d2cf65abda52344948c0210dd85d25f6e3d10d7f4a98f
95e8950072783caa5535f98034b0ee9247278b136f8d10c4da68a5c1f3d4cafb
96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a
9763e233a2086a90b3f9f20fe2d0c254b77015b4aa7f0c25bf9d0b766dbf375c
97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3
984c46aa2e2bc3a4a14b9ddaa0049d0e71f82e2def62a5237ae045bf4db37c91
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b7abc16a862370026a130f06418f6b37f9abda7353f925b0385bec5c6bb6d93
9ba471155394698e870cc9c9d0c8ec744d014fa45341610f179222f59f8a01bf
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c3017ca3433380e7fc45f74c7c1227e40af303c5749aa5547c888816d3042ec
9ce0a8ccf71a4162136c54067533bacba710fc49a1fa028b61f5c686f1f510de
9dae68837251c1692ade6e57bd146378d3158aabd92706c8e3522b09a6b2b84a
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9f9086a430d6bcd38bc67ddc6f2becb23d058d0969512f742054fa5920fb3b8c
a003f34c6b7b35ea664eaac943cdbebeb8c057f2463279ee7ca4180fc357c3c5
a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696
a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a12108fd552e85ce752da1238b1a3306b963abb47147d7109779cfd2711f8090
a127d44fb93dbc60e25e65c04d7416949c0e1a5254e19aa5630bf8d3e698cb9c
a25d00b46e872006af98081d9df23c014f8b56c77751c717434656a3201e4fd0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5803ddaa8803d2ebad80b4242dea531e65882423af375267e474ffb8048ca60
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7d7b229e3c7677135f10d5f081bd0f428622b925b547ae804f011bc47716aee
a9d006e53659f8ac11b179372ebf534151d5869944ac364707875d9cd996c964
aa105e08cb1ff8e6d1801bc299b1859837b9a6225ba01b17757e4d18a1f8303e
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
af3a86737a312c5236a97aa8685daf3b2aa322ab02d4efc11c1ef941cfd734a6
af912b6d5bba00042aea54553765d150ebd592ead5ef2bf4e8f9827b7a7f2d95
b0f142e8f3015a755a51e3f3511ffb0faa1b6c2dd82b15769c5405541c2d9453
b17c7751208a304bcfbf6ceaf4351aa18e412e0a3f9ce0b1c48dc980d61eb336
b3d7c135b84ab2bba0ecc037d942cceb65c50ff95a5e95c6cc80e88d029c4115
b4a44daa29915816c58afb132a1ffdf5f3cc6c6b74122cd1696d7f3000076376
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
b7e119e7a0845b9f4b6144123e602fbed16f9fa1243cd0028f87f9aaed076c39
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
be09178102a8d4a6a61ffad3e47beb74ebcea16902c8b753f5cd15aade212291
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
c098007d436f9470867ef05cea335a664366529e1650d26ddbe4fac1de6616be
c179a41ac0c21aa3874646e8ae054c9b4aa5887cb5530e2b3af291ce82834b7d
c44cd741ad10eaabdf8c70d26491a96d2d6d03be027e92be4b574bea1d4f6bc0
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c67b06702138ccb47705262c27f8b4af1cbae273591233386e8f05012e294c0a
c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c93ba303e30e12617659360ef2a845c6555eb63869437a7e8abd5b4da66cc2fa
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
cee8450343f567b9beb938d8394b96e3486c3735b9d4336f7a3f682da1f6e198
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d101e914d8fcd87f404ae6564209f041d4f04a3f60b14f959e62aba3c9ce75fd
d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d2454f9f15233d34020e89d4cfb1c7b63fd635dc0dc313145fee1b87bd27ad65
d33838dcfafe36cc79ffdd31c8a29760d68cc83b37aa94a131810f3872ad47e5
d362bca686d216ef99f75a0290e15176be50b63b37574f64cb5d5e5a2cfc6765
d3d60c04410381530a4a9c7c1c066bc17ebf12761df8b6dd6a520ce08329e503
d56c8213162d2acbbb5331abbec4e79915b9e91cd2d0f740f0ad0fc18576329a
d73a0b31e08ed90e9746b1723ca266064b7f4f113370842bc347a893e217abf7
d7afc09dfd831ce7a020464b9a6d493ceba99b9808deae5dde80355f91df0894
d7c35dcef07dfdec07ccb9a9b4cff18efe0ce7b291fb30fcbd757f11400fbfab
da3b89eeaa4afb39a943212250d2fce3143afa5f07b10da16ce0bd782912b153
da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159
da8ba9e320e2be043c7b31e5aca94faa39d3ca18b625cfb314b1abbe8ef81081
da908cca532049ebbea9690363f45fcd4cca10b49fc596c448604418402bcf1f
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dad6e54abb88acf845729b6527bebc5141f14891b4c34c96507ddd314baaba4c
db08f99821e82d1c9c20f2a70b1a2707cb3bd9967fcf503da29295d99d132833
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
dbcef22d5e1f6f1e1c4a07fc1d6c5c8548ba086279d77d4b4d9c14d8eb245f0a
ddb9c86b7030bea52fb8beafcc9efc078c1a8384b00034b39b2519a943215932
ddbf719aebcee3cecb379b4e4a7459e38486f19679a2f48f14b8fccef80155e2
ddd0fcab5d5dd9faad9da1cb1e845b158d7f9a5cb8784732c980a6d91b5248e6
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
dfaac31fd3d8d6beeafd331d817a3563ab96e24849e7957af7c366ab079974c7
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e127811a1d27e2186da7a3442dcbab38fa07f6c5b4de27c459224cd34b370080
e165addafd6b8882ceb6a8e8959764e71986d3de6b7aa22c41ffa60588be2e2b
e16a06ceba1b4d7f887ffec9ce17d20732423e97425e2cbe74f1ac8547256cef
e2513083a8c05bcf4f319c9b1e93e0bf5283fcd5a0a6233b48c4339c8567872a
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e93839bca6637583b1c01173894b8aa4d5015690140aea2e520cfb0d5986ab
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e6d25bbcd1b217114710c61d49e1a020e585e977640d04a836cc016c134458bc
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
eb50b24effed4f45a917beb65822fdc3a52f03b97e83faf18f7d7c308f6d5d9b
ebb72f67e51e428953d1881f78ab0c0117b8d5ec95ad3fd897420ee1507986bc
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8a5c2f34a39be4b56b666e23f88dc404bf5ec902abeea6aebeab3661a6b277
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f1eea94c1d7f9c6747515e1d7af60618498e8197905f290bc3851da41fbd5588
f2d1c56ea05a603338af2ac4c0038bfdf14e1ed57024ad86c48c1868b4dfb9bf
f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0
f4cff2a345300085e749e83fdd2d293cd11ffbbdf676bb85e138562086a06802
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5ec1f8423e96926bd494c0f74390353594b7bc02dcfbdab3175fe0bdbd4ed76
f706375a2bdae5df357ee5d08be926e742974559ced5574552c44b4465547a60
f7551f6ee74246c6e0d682e5c07d7fd9614bce86478ed66bdf54c163cd4bb8f6
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f877667492742685fcd6308b52ac5d24d784385f05947e4c25cc04b12ac3b649
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fe596f02df4d439b669462e19c03060e675c1ba95f4152faf5088b63e63aadd2