www.todayonline.com Open in urlscan Pro
23.75.234.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHcz...
Submission: On July 19 via api (July 19th 2022, 8:59:24 am UTC) from US — Scanned from DE

Summary HTTP 197 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 75 IPs in 6 countries across 47 domains to perform 197 HTTP transactions. The main IP is 23.75.234.137, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.todayonline.com. The Cisco Umbrella rank of the primary domain is 193485.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 10th 2021. Valid for: a year.

This is the only time www.todayonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	23.75.234.137 23.75.234.137	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.7.127 108.138.7.127	16509 (AMAZON-02) (AMAZON-02)
8	2a04:4e42::393 2a04:4e42::393	54113 (FASTLY) (FASTLY)
4	45.60.34.205 45.60.34.205	19551 (INCAPSULA) (INCAPSULA)
3	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.89.50 104.16.89.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.16.111.17 52.16.111.17	16509 (AMAZON-02) (AMAZON-02)
4	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:79b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:249... 2600:9000:2491:9000:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	45.60.34.167 45.60.34.167	19551 (INCAPSULA) (INCAPSULA)
3	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:224... 2600:9000:2240:7800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2 4	52.214.227.32 52.214.227.32	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:d200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:223... 2600:9000:223c:ac00:16:a1f8:76c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.212.211.89 52.212.211.89	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.65.197 99.80.65.197	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:2000:b:3c99:a880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.79 108.138.7.79	16509 (AMAZON-02) (AMAZON-02)
2	52.17.229.209 52.17.229.209	16509 (AMAZON-02) (AMAZON-02)
5	95.101.201.170 95.101.201.170	16625 (AKAMAI-AS) (AKAMAI-AS)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	18.66.112.82 18.66.112.82	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
1	132.145.232.67 132.145.232.67	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	35.158.200.114 35.158.200.114	16509 (AMAZON-02) (AMAZON-02)
8	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	108.138.7.56 108.138.7.56	16509 (AMAZON-02) (AMAZON-02)
1 6	34.241.137.254 34.241.137.254	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
2	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	143.204.89.123 143.204.89.123	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.86.94 65.9.86.94	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:5800:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.127.130.1 3.127.130.1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	18.195.84.169 18.195.84.169	16509 (AMAZON-02) (AMAZON-02)
2	50.17.194.216 50.17.194.216	14618 (AMAZON-AES) (AMAZON-AES)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	52.28.131.180 52.28.131.180	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	34.207.38.202 34.207.38.202	14618 (AMAZON-AES) (AMAZON-AES)
1	3.214.236.239 3.214.236.239	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
197	75

26 23.75.234.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-234-137.deploy.static.akamaitechnologies.com

www.todayonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-127.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42::393 (United States)

ASN54113 (FASTLY, US)

onecms-res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.34.205 (United States)

ASN19551 (INCAPSULA, US)

recommend-zoom.mediacorp.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt.mediacorp.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.embed.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.111.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-111-17.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:79b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:9000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.60.34.167 (United States)

ASN19551 (INCAPSULA, US)

uid.mediacorp.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:7800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.227.32 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-227-32.eu-west-1.compute.amazonaws.com

secure-sg.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:d200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:223c:ac00:16:a1f8:76c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sg-config.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.211.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-211-89.eu-west-1.compute.amazonaws.com

mediacorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.65.197 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-65-197.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:2000:b:3c99:a880:93a1 (United States)

ASN16509 (AMAZON-02, US)

sg-ssl.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-79.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.229.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-229-209.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.101.201.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-201-170.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-82.fra56.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.145.232.67 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

mediacorp.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.158.200.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-56.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.241.137.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-137-254.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-123.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-94.ams1.r.cloudfront.net

d89e089a522bc70dcd41f83fb75b135f0c2bbd3c184b8e789228b022.trk.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5800:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.130.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-130-1.eu-central-1.compute.amazonaws.com

1658221157557eeb6cb95f35bd3d01dc633148bc66305157392122f8.tmptrk.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.84.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-84-169.eu-central-1.compute.amazonaws.com

fc-id.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.194.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-194-216.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

mediacorp.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d2adcf6220ab52475f2bdd485c23788e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.131.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-131-180.eu-central-1.compute.amazonaws.com

sg2-s2s.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.207.38.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-38-202.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.236.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-236-239.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	todayonline.com www.todayonline.com — Cisco Umbrella Rank: 193485	552 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 d2adcf6220ab52475f2bdd485c23788e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 166	67 KB
11	effectivemeasure.net 1 redirects sg-ssl.effectivemeasure.net — Cisco Umbrella Rank: 118877 t.effectivemeasure.net — Cisco Umbrella Rank: 56561 collector.effectivemeasure.net — Cisco Umbrella Rank: 36662 detect-survey.effectivemeasure.net — Cisco Umbrella Rank: 168232 survey.effectivemeasure.net — Cisco Umbrella Rank: 67382	12 KB
11	sensic.net sg-config.sensic.net — Cisco Umbrella Rank: 94729 d89e089a522bc70dcd41f83fb75b135f0c2bbd3c184b8e789228b022.trk.sensic.net 1658221157557eeb6cb95f35bd3d01dc633148bc66305157392122f8.tmptrk.sensic.net fc-id.sensic.net — Cisco Umbrella Rank: 52950 sg2-s2s.sensic.net — Cisco Umbrella Rank: 107353	85 KB
11	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 432	204 KB
9	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 ad.doubleclick.net — Cisco Umbrella Rank: 217	172 KB
8	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 257	6 KB
8	cloudinary.com onecms-res.cloudinary.com — Cisco Umbrella Rank: 118935	1 MB
7	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 699 eb2.3lift.com — Cisco Umbrella Rank: 448	3 KB
7	mediacorp.sg recommend-zoom.mediacorp.sg — Cisco Umbrella Rank: 147974 uid.mediacorp.sg — Cisco Umbrella Rank: 101459 rt.mediacorp.sg — Cisco Umbrella Rank: 152338	18 KB
6	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4771 p1cluster.cxense.com — Cisco Umbrella Rank: 7172 comcluster.cxense.com — Cisco Umbrella Rank: 4482 id.cxense.com — Cisco Umbrella Rank: 8952	55 KB
6	moatads.com z.moatads.com — Cisco Umbrella Rank: 470 mb.moatads.com — Cisco Umbrella Rank: 697 geo.moatads.com — Cisco Umbrella Rank: 640 px.moatads.com — Cisco Umbrella Rank: 481	94 KB
6	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1207 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2902 odb.outbrain.com — Cisco Umbrella Rank: 1341 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5480	88 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 376	109 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 103	2 KB
5	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 3961 images.outbrainimg.com — Cisco Umbrella Rank: 2202	67 KB
5	imrworldwide.com 2 redirects secure-sg.imrworldwide.com — Cisco Umbrella Rank: 157574 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2876	12 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 485 www.linkedin.com — Cisco Umbrella Rank: 534 px4.ads.linkedin.com — Cisco Umbrella Rank: 5743	4 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1049 trc.taboola.com — Cisco Umbrella Rank: 702 trc-events.taboola.com — Cisco Umbrella Rank: 1612	19 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 698 script.hotjar.com — Cisco Umbrella Rank: 1004 vars.hotjar.com — Cisco Umbrella Rank: 1019	70 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1247 mab.chartbeat.com — Cisco Umbrella Rank: 2114	25 KB
3	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1448 gw.geoedge.be — Cisco Umbrella Rank: 1641	98 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3326 collector.brandmetrics.com — Cisco Umbrella Rank: 3650	18 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 213 mediacorp.demdex.net — Cisco Umbrella Rank: 170927	5 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4440	60 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4915 adservice.google.de — Cisco Umbrella Rank: 6937	1 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1267	502 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 975	333 B
2	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 458	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 134	17 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1460 bcp.crwdcntrl.net — Cisco Umbrella Rank: 990	15 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 151	2 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1124	201 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 305	725 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 477	14 KB
1	omtrdc.net mediacorp.sc.omtrdc.net — Cisco Umbrella Rank: 141606	441 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2514	258 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	gscontxt.net mediacorp.gscontxt.net — Cisco Umbrella Rank: 138819	485 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	68 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 971	517 B
1	embed.ly cdn.embed.ly — Cisco Umbrella Rank: 14982	4 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 6658	12 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 819	7 KB
197	47

	Domain	Requested by
26	www.todayonline.com	www.todayonline.com
11	assets.adobedtm.com	www.todayonline.com assets.adobedtm.com rumcdn.geoedge.be
8	ib.adnxs.com	www.todayonline.com
8	onecms-res.cloudinary.com	www.todayonline.com
7	sg-config.sensic.net	www.todayonline.com sg-config.sensic.net
6	tpc.googlesyndication.com	rumcdn.geoedge.be www.todayonline.com
6	collector.effectivemeasure.net	1 redirects www.todayonline.com t.effectivemeasure.net
6	tlx.3lift.com	www.todayonline.com
5	cdn.ampproject.org	rumcdn.geoedge.be
5	securepubads.g.doubleclick.net	www.todayonline.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	www.todayonline.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google.com	2 redirects rumcdn.geoedge.be www.todayonline.com
4	images.outbrainimg.com	www.todayonline.com
4	secure-sg.imrworldwide.com	2 redirects secure-sg.imrworldwide.com www.todayonline.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.todayonline.com
3	cdn.cxense.com	assets.adobedtm.com cdn.cxense.com
3	uid.mediacorp.sg	assets.adobedtm.com uid.mediacorp.sg
3	widgets.outbrain.com	www.todayonline.com
3	static.addtoany.com	www.todayonline.com static.addtoany.com
3	recommend-zoom.mediacorp.sg	www.todayonline.com rumcdn.geoedge.be
2	trc-events.taboola.com	cdn.taboola.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ad.doubleclick.net	1 redirects www.todayonline.com
2	fonts.googleapis.com	rumcdn.geoedge.be
2	px.moatads.com	www.todayonline.com
2	survey.effectivemeasure.net	t.effectivemeasure.net
2	googleads.g.doubleclick.net	1 redirects www.todayonline.com
2	px.ads.linkedin.com	2 redirects
2	a.teads.tv	www.todayonline.com
2	targeting.unrulymedia.com	www.todayonline.com
2	search.spotxchange.com	www.todayonline.com
2	www.googleadservices.com	www.googletagmanager.com rumcdn.geoedge.be
2	sb.scorecardresearch.com	www.todayonline.com
2	static.chartbeat.com	assets.adobedtm.com rumcdn.geoedge.be
2	rumcdn.geoedge.be	www.todayonline.com rumcdn.geoedge.be
2	cdn.brandmetrics.com	www.todayonline.com cdn.brandmetrics.com
2	z.moatads.com	www.todayonline.com z.moatads.com
2	dpm.demdex.net	assets.adobedtm.com www.todayonline.com
2	static.hotjar.com	www.todayonline.com www.googletagmanager.com
1	eb2.3lift.com
1	gw.geoedge.be	rumcdn.geoedge.be
1	ping.chartbeat.net
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.todayonline.com
1	sg2-s2s.sensic.net	sg-config.sensic.net
1	d2adcf6220ab52475f2bdd485c23788e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	rumcdn.geoedge.be
1	adservice.google.de	rumcdn.geoedge.be
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	mediacorp.sc.omtrdc.net	assets.adobedtm.com
1	fc-id.sensic.net	sg-config.sensic.net
1	www.google.de	www.todayonline.com
1	1658221157557eeb6cb95f35bd3d01dc633148bc66305157392122f8.tmptrk.sensic.net	sg-config.sensic.net
1	detect-survey.effectivemeasure.net	t.effectivemeasure.net
1	d89e089a522bc70dcd41f83fb75b135f0c2bbd3c184b8e789228b022.trk.sensic.net	sg-config.sensic.net
1	trc.taboola.com	cdn.taboola.com
1	px4.ads.linkedin.com	www.todayonline.com
1	www.linkedin.com	1 redirects
1	vc.hotjar.io	script.hotjar.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.taboola.com	www.todayonline.com
1	snap.licdn.com	www.googletagmanager.com
1	tags.crwdcntrl.net	assets.adobedtm.com
1	mediacorp.gscontxt.net	www.todayonline.com
1	vars.hotjar.com	rumcdn.geoedge.be
1	id.cxense.com	cdn.cxense.com
1	odb.outbrain.com	rumcdn.geoedge.be
1	comcluster.cxense.com	cdn.cxense.com
1	www.googletagmanager.com	www.todayonline.com
1	rt.mediacorp.sg	www.todayonline.com
1	t.effectivemeasure.net	sg-ssl.effectivemeasure.net
1	mab.chartbeat.com	static.chartbeat.com
1	p1cluster.cxense.com	cdn.cxense.com
1	widget-pixels.outbrain.com	www.todayonline.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	script.hotjar.com	static.hotjar.com
1	sg-ssl.effectivemeasure.net	www.todayonline.com
1	cm.everesttech.net	1 redirects
1	mediacorp.demdex.net	assets.adobedtm.com
1	cdn-gl.imrworldwide.com	www.todayonline.com
1	cdn.embed.ly	www.todayonline.com
1	websdk.appsflyer.com	www.todayonline.com
1	maxcdn.bootstrapcdn.com	www.todayonline.com
197	86

This site contains links to these domains. Also see Links.

Domain
adssettings.google.com
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
www.toggle.sg DigiCert SHA2 Secure Server CA	`2021-09-10` - `2022-09-10`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.appsflyer.com DigiCert SHA2 Secure Server CA	`2021-10-09` - `2022-10-11`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-18` - `2023-01-14`	6 months	crt.sh
*.embed.ly Sectigo RSA Domain Validation Secure Server CA	`2022-02-15` - `2023-02-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
gw.geoedge.be Amazon	`2021-10-13` - `2022-11-10`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.sensic.net Amazon	`2021-10-30` - `2022-11-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.effectivemeasure.net Amazon	`2022-04-06` - `2023-05-06`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.trk.sensic.net Amazon	`2021-12-10` - `2023-01-07`	a year	crt.sh
*.tmptrk.sensic.net Amazon	`2022-03-07` - `2023-04-05`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2022-06-11` - `2023-06-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA	`2022-01-02` - `2023-02-02`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Frame ID: 43E8C2F58D7C546AE885D9B0FC0E695D
Requests: 179 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 94E8E2F5C6B7EE954A44323077A6A773
Requests: 4 HTTP requests in this frame

Frame: https://mediacorp.demdex.net/dest5.html?d_nsid=0
Frame ID: 05CA4DBBD44077A95542005891086EA4
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 0DC8DF7249F315DE7D8F4B0562B7911A
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: C4F021C70C64918F32944F1AD3B7644C
Requests: 1 HTTP requests in this frame

Frame: https://sg-config.sensic.net/sui.html?optin=true&m=1&ai=&o=&dt=&t=s2s-w&m=TdyWeb&r=www.todayonline.com&optin=true
Frame ID: 97A84B86597407D7C9C857B193A5D94C
Requests: 4 HTTP requests in this frame

Frame: https://secure-sg.imrworldwide.com/storageframe.html
Frame ID: 337CC8058B546C32A575F7103E506D2D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: ED44167C3FAB855786DE32A01756D7D8
Requests: 1 HTTP requests in this frame

Frame: https://sg-config.sensic.net/3pc.html
Frame ID: F089D1E098380FE8AA2083869D6BD86E
Requests: 1 HTTP requests in this frame

Frame: https://d2adcf6220ab52475f2bdd485c23788e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CE3338B0719D17C6525A5F5039154B9E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35BCED201942FA9F0E0FFE75F00C8685
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA368A3AC5195BEDF3B7006F2C57A37F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

197
Requests

95 %
HTTPS

37 %
IPv6

47
Domains

86
Subdomains

75
IPs

6
Countries

3115 kB
Transfer

7268 kB
Size

72
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEalLZZXtonigjMA-duDjcXu17_LZJbjGTW0lOP7w06fwbCqbu9d9shLleYT8ZQMM_yy_mhsuCP1sTP016NxoRlzIolu7n2YUWbRvcfAvsBtG1zlLgvr-Pl_fjP_wGagEPbe9yC_rd9M8zmasYIvmu--fVy-KvJbHOxmCd8v2MIcmAnyWdUWnWxdAPMRBl6_aWiBFFFMfxULJKB8-JT4fB_I1six74w-6DpvP2n8zth64iSSlOfIiuYvLPxQIEb8NfZuWPodIhdLSeyPkCyEavfJ_q6UQfP-GU2euoA6xSMi3DqtLodmqyc_olDZQXqEXctKA2SAa5MINsm7zHRoSQEvMKgvbVcdVBJRLXG-ayhp05qR7x4v5TmTYX59uh688GHmJ0vDJW_tuc4KjkMJpp3DLZ8DW15SQcDbgYLIqUe_jp_UHR3HOOyWfQStbdHLchDS3uh7gB1Fkt_FuqekQQkzTwu4BTn2oZrCzlwNvHvVCIyEMZFqsSvpq_0R-HV9o606Gj_1ftW3i7UVR2Kj8j2I8-0VNh3cR4q132eH1NjS4MS8PetKSbj79zf5XMAB7CiFBZy4kEZqIUWpsof02Mw-05vTzp17phHjxHv69JPzWzLWyksyvGBqThtn8gd9nPiNAaUNSRyv0yNyjnEKtMwgGyWwT3Kivc3ioZ7PEDvvOsOrp0Ul5efiaDup9WR2agvGPODZsn_N6pYpEZprjfpJfJKkuNCUnwUZS5tAmkHQVrehjwOe2t7Ds3lhBDa7_Zti-fjfwkYWfck9RwE1ScCEoE8LLrziOshcKqEslzMFmAwCrqYr9HY2-azJOsiCth_9fEzyMdmNHK5-UrQqVelKRXneop2v03JvOVXGCWfycSi5-6kPTOYZEK5bDRUaucxe4CgeqsaUuc5Dwa0-LS37-ROA1aL5krglYG_zscW0e_riJo2xuA2saUpIDfwPha-6HHT6-UwWCvNmGjK3OWKzoUFv3fQ2eqH9HxlwpgoPLRu-vt6DE4P4fat3p_5_aqeBLcIIBL0BJmkX1BHcvvpaRWwOZ343hW8Xm9gbu9WE-50DIk2NjdjB80d7kudQf9pHpTKV0QCKFis82eU1VqxmwTKy2Ar25Ykd3adLHCQrPt6e29741a6GblHbSveVQofBoJhLrMUT4c7Fj6u6ibYa5HxF2ede4gIYf3HAwjVBH3cg1nS5WQS9f2ukRJXNUSnjRrKqi5QzFQX0d4oe1r7lC8xR51X92t2X8rI3OLQIsuDIz5gCvd0ukjmKwgNFC4a2HgwpZsZWsxFq50sauxXSISsRMms5WzuggotnpKyD02pymS4Gaz5a7KyJ0tr_MdbTaOjzhHejECGJEMnGg6OxVL8LkqUYwUcql5at7m4EIuIGxvq0RSHKusSAAMY_U_E_4rfmbBnK-wJW-urrZda6Wl8zC3K1hPb2FhWhAeUjRs6Xn9J4sM2uzjIlkDvhtYkoXBfK4QuRBSkrQJR7PW9EKDDiL82RW-JwyWrBnLfGSj6qnXBX6TWJc_Vq6UFnzfKoDCUdna4c8wNAaxFmjEZy8SW5iRtAtk2lXZ1ZpckRYoyICJflvbtCECj611fFqQ3TXSneyb_nl8LbNfQjYvczE4WYFjgc-gc4Qg4BBsFKoVOzaz3cuQGh8kxZeAo5osAyAEWhXLz28UeeKP6Lg549Q7SQG3A1rpPEcTb8ie41ln1hOYx2CfkqpXFwil3K5ChrGFTlxczoh00kpwo5UoXZnCX64Lj2C6TFP-ZR6LguAeXfIdK7XzX7aUFM85P5cfOR6tMujvM-7kalYiq3lPbTqMx4bD-NPeoD-K3lGnjO3Ba5yyIUftOYDXk48Xds-zfNNRVlt51bT5EpZUEgZeiiNtwsT62ig-8rFrP5gSmjTs3cNmRYHUSOVUS9mWCUUTy5sJAqNGn5YSWC_o0cVHh08WvWk-KHvrt6wbwYkAPpd3YCuV711Qv-wmVDXMSMXsaezu6xs65T2DdsWFxOMA

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CdYZMZnLWYvnZPKih9u8PgdSpiAXb7LKSa_ndpJbYDLSfo6L3HhABINXvmx5glYKQgqAHoAGU1u7VA8gBBuACAKgDAcgDCqoEtAJP0AvgfPvvnt2f2RZKe3ByWfryMfk25LanGEcM5fzKJC85aI8kTWEHAsAvO3a6FAjdPRTEiGm-iOaZftxA1HAK8X5oQ5JUksFFL0eytpC1fFg4rf3AzYcfITs9lY_RKhQmHoN5ViVUW9REj1-LzYmpk1S8lcBLuEQaz3lHbPvJ7cBYmjekuWnTvaKXZsa-VZAjuH4pQgtzqgaAGpNE0lUQ8OvC8EIYJl-ZHesdfoOBPndkzFjIZk5xkqBcmqPz6C5Ibkn1Xw1jI_o1p9tWZ_3RE8IovhNQU4V-qlEeU2dAzpNoXtBLj-GcguAkxtLgQ6ORAd-0yUNrZ8iGSGYcjwtl511CnVbWl-FzcGLsTcT9TkBwvsXK7y29hQ8S7QZvv6EQGrYjGNrVgCrvc-fx-B_KsQ1h6MAEk5-347UD4AQBoAY3gAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIEQiA4YBwEAEYHTIC6wI6AoBAsQl-XvP222QQw4AKA5gLAcgLAbgMAaITVAo3CANAAVIICgYSBAgBEAFonv7PyDByIRIfIAIoATgCQNDcqLorWAFo_v__________AYABAZgBAxoZChdjYS1wdWItOTI4Njg1MTM0ODkwNDU4M9gTDIgUA9AVAZgWAfgWAYAXAQ&ae=1&num=1&cid=CAASUORoBpNbVWbjwYgfwkyLEK50mLYPP5KTi7X582YJsNBeq8t-Bln1u1wXNeIFq3OTHCWWFWLGB-dOL0jgKUUDDZqT_V6_sX81_QQzq0wk76J4&sig=AOD64_2laa1n2XFcsCLi_PDfefUpBUpepA&client=ca-pub-9286851348904583&nx=CLICK_X&ny=CLICK_Y&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uaw=UACH(wow64)&uafvl=UACH(fullVersionList)&nb=9&adurl=https://explore.velocityglobal.com/ebook-fpgge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dfinance-professionals-guide-to-global-expansion%26utm_campaign%3Ddisplay_g_ipeoawareness_germany_alldevices_combinedaudience%26utm_source%3Dgoogle%26utm_medium%3Ddisplay%26Custom-Finance%2BProfessionals:content%3D490694701591:placement%3Dwww.todayonline.com:dev%3Dc%26gclid%3DEAIaIQobChMI-aSQmcuE-QIVqJD9Bx0BagpREAEYASAAEgJH8fD_BwE

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CdYZMZnLWYvnZPKih9u8PgdSpiAXb7LKSa_ndpJbYDLSfo6L3HhABINXvmx5glYKQgqAHoAGU1u7VA8gBBuACAKgDAcgDCqoEtAJP0AvgfPvvnt2f2RZKe3ByWfryMfk25LanGEcM5fzKJC85aI8kTWEHAsAvO3a6FAjdPRTEiGm-iOaZftxA1HAK8X5oQ5JUksFFL0eytpC1fFg4rf3AzYcfITs9lY_RKhQmHoN5ViVUW9REj1-LzYmpk1S8lcBLuEQaz3lHbPvJ7cBYmjekuWnTvaKXZsa-VZAjuH4pQgtzqgaAGpNE0lUQ8OvC8EIYJl-ZHesdfoOBPndkzFjIZk5xkqBcmqPz6C5Ibkn1Xw1jI_o1p9tWZ_3RE8IovhNQU4V-qlEeU2dAzpNoXtBLj-GcguAkxtLgQ6ORAd-0yUNrZ8iGSGYcjwtl511CnVbWl-FzcGLsTcT9TkBwvsXK7y29hQ8S7QZvv6EQGrYjGNrVgCrvc-fx-B_KsQ1h6MAEk5-347UD4AQBoAY3gAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIEQiA4YBwEAEYHTIC6wI6AoBAsQl-XvP222QQw4AKA5gLAcgLAbgMAaITVAo3CANAAVIICgYSBAgBEAFonv7PyDByIRIfIAIoATgCQNDcqLorWAFo_v__________AYABAZgBAxoZChdjYS1wdWItOTI4Njg1MTM0ODkwNDU4M9gTDIgUA9AVAZgWAfgWAYAXAQ&ae=1&num=1&cid=CAASUORoBpNbVWbjwYgfwkyLEK50mLYPP5KTi7X582YJsNBeq8t-Bln1u1wXNeIFq3OTHCWWFWLGB-dOL0jgKUUDDZqT_V6_sX81_QQzq0wk76J4&sig=AOD64_2laa1n2XFcsCLi_PDfefUpBUpepA&client=ca-pub-9286851348904583&nx=CLICK_X&ny=CLICK_Y&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uaw=UACH(wow64)&uafvl=UACH(fullVersionList)&nb=19&adurl=https://explore.velocityglobal.com/ebook-fpgge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dfinance-professionals-guide-to-global-expansion%26utm_campaign%3Ddisplay_g_ipeoawareness_germany_alldevices_combinedaudience%26utm_source%3Dgoogle%26utm_medium%3Ddisplay%26Custom-Finance%2BProfessionals:content%3D490694701591:placement%3Dwww.todayonline.com:dev%3Dc%26gclid%3DEAIaIQobChMI-aSQmcuE-QIVqJD9Bx0BagpREAEYASAAEgJH8fD_BwE

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CdYZMZnLWYvnZPKih9u8PgdSpiAXb7LKSa_ndpJbYDLSfo6L3HhABINXvmx5glYKQgqAHoAGU1u7VA8gBBuACAKgDAcgDCqoEtAJP0AvgfPvvnt2f2RZKe3ByWfryMfk25LanGEcM5fzKJC85aI8kTWEHAsAvO3a6FAjdPRTEiGm-iOaZftxA1HAK8X5oQ5JUksFFL0eytpC1fFg4rf3AzYcfITs9lY_RKhQmHoN5ViVUW9REj1-LzYmpk1S8lcBLuEQaz3lHbPvJ7cBYmjekuWnTvaKXZsa-VZAjuH4pQgtzqgaAGpNE0lUQ8OvC8EIYJl-ZHesdfoOBPndkzFjIZk5xkqBcmqPz6C5Ibkn1Xw1jI_o1p9tWZ_3RE8IovhNQU4V-qlEeU2dAzpNoXtBLj-GcguAkxtLgQ6ORAd-0yUNrZ8iGSGYcjwtl511CnVbWl-FzcGLsTcT9TkBwvsXK7y29hQ8S7QZvv6EQGrYjGNrVgCrvc-fx-B_KsQ1h6MAEk5-347UD4AQBoAY3gAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIEQiA4YBwEAEYHTIC6wI6AoBAsQl-XvP222QQw4AKA5gLAcgLAbgMAaITVAo3CANAAVIICgYSBAgBEAFonv7PyDByIRIfIAIoATgCQNDcqLorWAFo_v__________AYABAZgBAxoZChdjYS1wdWItOTI4Njg1MTM0ODkwNDU4M9gTDIgUA9AVAZgWAfgWAYAXAQ&ae=1&num=1&cid=CAASUORoBpNbVWbjwYgfwkyLEK50mLYPP5KTi7X582YJsNBeq8t-Bln1u1wXNeIFq3OTHCWWFWLGB-dOL0jgKUUDDZqT_V6_sX81_QQzq0wk76J4&sig=AOD64_2laa1n2XFcsCLi_PDfefUpBUpepA&client=ca-pub-9286851348904583&nx=CLICK_X&ny=CLICK_Y&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uaw=UACH(wow64)&uafvl=UACH(fullVersionList)&nb=0&adurl=https://explore.velocityglobal.com/ebook-fpgge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dfinance-professionals-guide-to-global-expansion%26utm_campaign%3Ddisplay_g_ipeoawareness_germany_alldevices_combinedaudience%26utm_source%3Dgoogle%26utm_medium%3Ddisplay%26Custom-Finance%2BProfessionals:content%3D490694701591:placement%3Dwww.todayonline.com:dev%3Dc%26gclid%3DEAIaIQobChMI-aSQmcuE-QIVqJD9Bx0BagpREAEYASAAEgJH8fD_BwE
Title: Guide to International PEO

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CdYZMZnLWYvnZPKih9u8PgdSpiAXb7LKSa_ndpJbYDLSfo6L3HhABINXvmx5glYKQgqAHoAGU1u7VA8gBBuACAKgDAcgDCqoEtAJP0AvgfPvvnt2f2RZKe3ByWfryMfk25LanGEcM5fzKJC85aI8kTWEHAsAvO3a6FAjdPRTEiGm-iOaZftxA1HAK8X5oQ5JUksFFL0eytpC1fFg4rf3AzYcfITs9lY_RKhQmHoN5ViVUW9REj1-LzYmpk1S8lcBLuEQaz3lHbPvJ7cBYmjekuWnTvaKXZsa-VZAjuH4pQgtzqgaAGpNE0lUQ8OvC8EIYJl-ZHesdfoOBPndkzFjIZk5xkqBcmqPz6C5Ibkn1Xw1jI_o1p9tWZ_3RE8IovhNQU4V-qlEeU2dAzpNoXtBLj-GcguAkxtLgQ6ORAd-0yUNrZ8iGSGYcjwtl511CnVbWl-FzcGLsTcT9TkBwvsXK7y29hQ8S7QZvv6EQGrYjGNrVgCrvc-fx-B_KsQ1h6MAEk5-347UD4AQBoAY3gAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIEQiA4YBwEAEYHTIC6wI6AoBAsQl-XvP222QQw4AKA5gLAcgLAbgMAaITVAo3CANAAVIICgYSBAgBEAFonv7PyDByIRIfIAIoATgCQNDcqLorWAFo_v__________AYABAZgBAxoZChdjYS1wdWItOTI4Njg1MTM0ODkwNDU4M9gTDIgUA9AVAZgWAfgWAYAXAQ&ae=1&num=1&cid=CAASUORoBpNbVWbjwYgfwkyLEK50mLYPP5KTi7X582YJsNBeq8t-Bln1u1wXNeIFq3OTHCWWFWLGB-dOL0jgKUUDDZqT_V6_sX81_QQzq0wk76J4&sig=AOD64_2laa1n2XFcsCLi_PDfefUpBUpepA&client=ca-pub-9286851348904583&nx=CLICK_X&ny=CLICK_Y&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uaw=UACH(wow64)&uafvl=UACH(fullVersionList)&nb=1&adurl=https://explore.velocityglobal.com/ebook-fpgge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dfinance-professionals-guide-to-global-expansion%26utm_campaign%3Ddisplay_g_ipeoawareness_germany_alldevices_combinedaudience%26utm_source%3Dgoogle%26utm_medium%3Ddisplay%26Custom-Finance%2BProfessionals:content%3D490694701591:placement%3Dwww.todayonline.com:dev%3Dc%26gclid%3DEAIaIQobChMI-aSQmcuE-QIVqJD9Bx0BagpREAEYASAAEgJH8fD_BwE
Title: Velocity Global

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CdYZMZnLWYvnZPKih9u8PgdSpiAXb7LKSa_ndpJbYDLSfo6L3HhABINXvmx5glYKQgqAHoAGU1u7VA8gBBuACAKgDAcgDCqoEtAJP0AvgfPvvnt2f2RZKe3ByWfryMfk25LanGEcM5fzKJC85aI8kTWEHAsAvO3a6FAjdPRTEiGm-iOaZftxA1HAK8X5oQ5JUksFFL0eytpC1fFg4rf3AzYcfITs9lY_RKhQmHoN5ViVUW9REj1-LzYmpk1S8lcBLuEQaz3lHbPvJ7cBYmjekuWnTvaKXZsa-VZAjuH4pQgtzqgaAGpNE0lUQ8OvC8EIYJl-ZHesdfoOBPndkzFjIZk5xkqBcmqPz6C5Ibkn1Xw1jI_o1p9tWZ_3RE8IovhNQU4V-qlEeU2dAzpNoXtBLj-GcguAkxtLgQ6ORAd-0yUNrZ8iGSGYcjwtl511CnVbWl-FzcGLsTcT9TkBwvsXK7y29hQ8S7QZvv6EQGrYjGNrVgCrvc-fx-B_KsQ1h6MAEk5-347UD4AQBoAY3gAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIEQiA4YBwEAEYHTIC6wI6AoBAsQl-XvP222QQw4AKA5gLAcgLAbgMAaITVAo3CANAAVIICgYSBAgBEAFonv7PyDByIRIfIAIoATgCQNDcqLorWAFo_v__________AYABAZgBAxoZChdjYS1wdWItOTI4Njg1MTM0ODkwNDU4M9gTDIgUA9AVAZgWAfgWAYAXAQ&ae=1&num=1&cid=CAASUORoBpNbVWbjwYgfwkyLEK50mLYPP5KTi7X582YJsNBeq8t-Bln1u1wXNeIFq3OTHCWWFWLGB-dOL0jgKUUDDZqT_V6_sX81_QQzq0wk76J4&sig=AOD64_2laa1n2XFcsCLi_PDfefUpBUpepA&client=ca-pub-9286851348904583&nx=CLICK_X&ny=CLICK_Y&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uaw=UACH(wow64)&uafvl=UACH(fullVersionList)&nb=8&adurl=https://explore.velocityglobal.com/ebook-fpgge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dfinance-professionals-guide-to-global-expansion%26utm_campaign%3Ddisplay_g_ipeoawareness_germany_alldevices_combinedaudience%26utm_source%3Dgoogle%26utm_medium%3Ddisplay%26Custom-Finance%2BProfessionals:content%3D490694701591:placement%3Dwww.todayonline.com:dev%3Dc%26gclid%3DEAIaIQobChMI-aSQmcuE-QIVqJD9Bx0BagpREAEYASAAEgJH8fD_BwE
Title: Download

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://secure-sg.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 50

https://cm.everesttech.net/cm/dd?d_uuid=85262433638588269670537047042138685826 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtZyZQAAAJGahwMx

Request Chain 94

https://secure-sg.imrworldwide.com/cgi-bin/m?rnd=1658221158047&ci=sg-mediacorp&js=1&cg=today&ts=v60.js&vn=6.0.107&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&sr=1600x1200&id=lstrg-ca3e944ad89d12588667aea2637c2871 HTTP 302
https://secure-sg.imrworldwide.com/cgi-bin/m?rnd=1658221158047&ci=sg-mediacorp&js=1&cg=today&ts=v60.js&vn=6.0.107&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&sr=1600x1200&id=lstrg-ca3e944ad89d12588667aea2637c2871&ja=1

Request Chain 105

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1658221158100_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1658221158100_1

Request Chain 132

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2878700%26time%3D1658221158381%26url%3Dhttps%253A%252F%252Fwww.todayonline.com%252Fsingapore%252Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%253Ffbclid%253DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&liSync=true&e_ipv6=AQKuzvNmx7zxCwAAAYIVruFVQAXj9bY2jYuBxiqiE1HfxP2NogrxnD7MTAO2OiMI45MDvbP9NIHVdBHA2tZFkAK7_5Hd8A

Request Chain 142

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&tiba=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&auid=752422796.1658221158&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZnLWYr-3IO6gmLAP47GR6Ag&sscte=1&crd=&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-H5nhvD9hz1kuOjHdHl83tgSJX6NwnJVxQ HTTP 302
https://www.google.com/pagead/1p-conversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&tiba=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&auid=752422796.1658221158&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZnLWYr-3IO6gmLAP47GR6Ag&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-JxpYySmc-pJIQiIqr1WmBK0L6kGMX3DhA&random=80164779&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&tiba=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&auid=752422796.1658221158&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZnLWYr-3IO6gmLAP47GR6Ag&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-JxpYySmc-pJIQiIqr1WmBK0L6kGMX3DhA&random=80164779&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 187

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005038;dc_trk_aid=486096674;dc_trk_cid=142447246;ord=3775430951;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005038;dc_pre=CLf5tZnLhPkCFXEp4AodpYAGjg;dc_trk_aid=486096674;dc_trk_cid=142447246;ord=3775430951;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 193

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

197 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request exploit-ez-link-card-auto-top-buy-cigarettes-1946976 Show response
www.todayonline.com/singapore/ 168 KB
26 KB 786ms
717ms Document
text/html 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ca6da40c879f18b1b2d4ad41ab8198794ee591c34b1fd5ec111a02e7efc15c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=288
content-encoding: gzip
content-language: en
content-length: 25473
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 08:59:16 GMT
etag: "1658220878"
expires: Tue, 19 Jul 2022 09:04:04 GMT
last-modified: Tue, 19 Jul 2022 08:54:38 GMT
link: <https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976>; rel="canonical"; content="" <https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976>; rel="revision"
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-age: 276
x-ah-environment: prod
x-cache-hits: 6
x-cdn: Imperva
x-content-type-options: nosniff
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 8 (https://www.drupal.org)
x-iinfo: 13-1766728-1766729 NNNN CT(167 168 0) RT(1658221155315 1) q(0 0 3 0) r(5 6) U5
x-request-id: v-6ba5dd6c-0740-11ed-a359-6b4b924d94ab
x-ua-compatible: IE=edge

GET
H2 200 launch-d80aafbf8ff2.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/ 725 KB
183 KB 80ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 134c41b3aacfa1a4af73a78978f4d7946542b3e50e538d07fdc9d2905e8cd56f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:41 GMT
server: AkamaiNetStorage
etag: "68511eda131fc3ee05777f2d3da4e171:1656582761.897102"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 187118
expires: Tue, 19 Jul 2022 09:59:16 GMT

GET
H2 200 google_tag.script.js Show response
www.todayonline.com/sites/default/files/google_tag/primary/ 348 B
649 B 26ms
24ms Script
application/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/google_tag/primary/google_tag.script.js?rf8z32

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4d97d2be62c82acc075fd713971aac9d9118850ebc616930f1ebcda8aa315ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 7-591045-608634 SNNN RT(1658199241969 504702) q(0 0 0 -1) r(2 2) U5
x-age: 23
x-ah-environment: prod
content-length: 281
x-request-id: v-2ae5005e-070f-11ed-b265-ff34607779fb
last-modified: Tue, 19 Jul 2022 03:01:59 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 css_TUyy2Lav5VaMmU4fIr3DTlrFztpmY9fAGnW2HNnKR00.css
www.todayonline.com/sites/default/files/css/ 20 KB
5 KB 20ms
18ms Stylesheet
text/css 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/css/css_TUyy2Lav5VaMmU4fIr3DTlrFztpmY9fAGnW2HNnKR00.css

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4d4cb2d8b6afe5568c994e1f22bdc34e5ac5ceda6663d7c01a75b61cd9ca474d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-49223180-49223181 SNNN RT(1656390384102 24812) q(0 0 0 0) r(1 1) U5
x-age: 355774
x-ah-environment: prod
content-length: 4642
x-request-id: v-2d176d36-f35e-11ec-8fac-6fc1249ebefc
last-modified: Wed, 01 Jun 2022 16:16:38 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 34ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 12161961
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 72d242928bc09bec-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css_FYsYs_WVpbvJ6Ook1XpvSWVFWf7ZJQpsokeY4qmpsVA.css
www.todayonline.com/sites/default/files/css/ 24 KB
5 KB 27ms
25ms Stylesheet
text/css 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/css/css_FYsYs_WVpbvJ6Ook1XpvSWVFWf7ZJQpsokeY4qmpsVA.css

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

158b18b3f595a5bbc9e8ea24d57a6f49654559fed9250a6ca24798e2a9a9b150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-38903321-38903322 PNNN RT(1656271346721 60265) q(0 0 0 0) r(2 2) U5
x-age: 188407
x-ah-environment: prod
content-length: 4712
x-request-id: v-c8ac91ca-f3ce-11ec-954e-8ba1b949196a
last-modified: Wed, 01 Jun 2022 16:16:38 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 css_v2I6rObFXkoT8cA8t4RnmOleukQcU_63RmbmcOh2OWw.css
www.todayonline.com/sites/default/files/css/ 815 KB
106 KB 28ms
27ms Stylesheet
text/css 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/css/css_v2I6rObFXkoT8cA8t4RnmOleukQcU_63RmbmcOh2OWw.css

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bf623aace6c55e4a13f1c03cb7846798e95eba441c53feb74666e670e876396c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 7-31636067-31636068 NNNN CT(158 316 0) RT(1657175825884 0) q(0 0 5 0) r(7 8) U5
x-age: 285
x-ah-environment: prod
content-length: 107537
x-request-id: v-8e3f550a-fdbe-11ec-bfae-0f46db8717b7
last-modified: Thu, 07 Jul 2022 06:32:08 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 14

GET
H2 200 fonts.css
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 3 KB
1 KB 37ms
35ms Stylesheet
text/css 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ae8f1018f77b768854b8f57809073f1ab770184aeddfc44370db3a95da928a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 5-106234610-106241576 NNNN CT(162 326 0) RT(1656293016705 139967) q(0 0 5 0) r(7 7) U5
x-age: 258521
x-ah-environment: prod
content-length: 923
x-request-id: v-2d5dc380-f35e-11ec-ac0b-8717ed3a3d56
last-modified: Sat, 14 May 2022 19:47:21 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 5

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 68ms
9ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f44c4c0006c2239db8defec6537b0306ed3981369008fc4711bad69fbaf15e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 19 Jul 2022 08:59:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2022 08:41:42 GMT
Server: AmazonS3
x-amz-request-id: QBCZFTPJZQS2RA4D
ETag: "08179f9adc55b98cc307cd6770e123ad"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1204
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11541
x-amz-id-2: k439erDrxRlBvl+9nyRArbeTMb0ltPoYKyytjhOOcSqARr8XKoelk/SPJveoUhLmqSV6DlUUVY4=
Expires: Tue, 19 Jul 2022 09:19:21 GMT

GET
H2 200 hotjar-2822227.js Show response
static.hotjar.com/c/ 5 KB
3 KB 50ms
10ms Script
application/javascript 108.138.7.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2822227.js?sv=6

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-127.fra56.r.cloudfront.net

Software

Resource Hash

655f4b3f263bef7104a61027baee673ec2c0fd13a6a39626c52e96a0bc7759c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 44
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 08:59:17 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/8ae1d4e624fb8a4480ba66acaf36e600
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: Og0_UiGWWBxtM8OT9VEwfbcDYfG9vUKQHR5Azmqfucu0iGfrrpqzBA==

GET
H2 200 illustrated_byline_youjin.jpg
onecms-res.cloudinary.com/image/upload/s--rrNyiWbu--/c_fill%2Cg_faces:auto%2Ch_140%2Cw_140/f_auto%2Cq_auto/v1/tdy-migration/ 3 KB
3 KB 111ms
32ms Image
image/png 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/s--rrNyiWbu--/c_fill%2Cg_faces:auto%2Ch_140%2Cw_140/f_auto%2Cq_auto/v1/tdy-migration/illustrated_byline_youjin.jpg?itok=etRDW84J

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

24a517a0eb692e34e7b968f3cd77e37793b208d0118248334e449991b1f7c804

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 07:14:10 GMT
server: Cloudinary
etag: "a2daa889043485275e4f4a4ba8afa1a0"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=17;cpu=1;start=2022-07-19T08:59:17.047Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 2772

GET
H/1.1 200
OK tag.js Show response
recommend-zoom.mediacorp.sg/ 11 KB
5 KB 533ms
490ms Script
text/javascript 45.60.34.205
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://recommend-zoom.mediacorp.sg/tag.js?network=mediacorp

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.205 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

d4127c5a17711e40b25d5aab358df83a3be14c7d43cb4cb4589f47b059867aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:17 GMT
Content-Encoding: gzip
Server: nginx/1.22.0
X-Powered-By: Express
ETag: W/"2bf5-QwLk79Ivk4h5MY9KnRXDL+kNNiI"
Vary: Origin, Accept-Encoding
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 3-238389951-238389953 NNNN CT(153 152 0) RT(1658221156420 10) q(0 0 3 0) r(5 5) U2
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-CDN: Imperva
request-context: appId=cid-v1:96d7c721-495d-4e1e-8dc5-2c8f092f6ac2

GET
H2 200 newsletter-sub-new-image.png
onecms-res.cloudinary.com/image/upload/s--lYq_b8f1--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2021/12/03/ 36 KB
36 KB 90ms
12ms Image
image/png 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/s--lYq_b8f1--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2021/12/03/newsletter-sub-new-image.png?itok=w0VFwLss

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6ddb6136a28672c71f25498d8c3520831eebefdca7066c8285a9ecddbdb76b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 09:03:09 GMT
server: Cloudinary
etag: "cffbbb32acdb7ab5a9b4c7c1755668c5"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-07-19T08:59:17.047Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 36561

GET
H2 200 js_LLHSjMCVzQZsuafHeHlYNi95f-T5y_yOyRBs6giG97U.js Show response
www.todayonline.com/sites/default/files/js/ 116 KB
38 KB 27ms
5ms Script
text/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/js/js_LLHSjMCVzQZsuafHeHlYNi95f-T5y_yOyRBs6giG97U.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2cb1d28cc095cd066cb9a7c7787958362f797fe4f9cbfc8ec9106cea0886f7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-275829471-275829472 NNNN CT(184 316 0) RT(1654100234686 4) q(0 0 5 -1) r(7 9) U5
x-age: 35
x-ah-environment: prod
content-length: 38756
x-request-id: v-38173a9e-e1c6-11ec-9ebd-7326bad98c17
last-modified: Wed, 01 Jun 2022 16:16:38 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 59ms
20ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1216
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 72d2429749886903-FRA
cf-bgj: minify

GET
H2 200 js_JHEB-iZSj9TAzWiRh0KPD55L5GRPdbvg066FjjPHP24.js Show response
www.todayonline.com/sites/default/files/js/ 162 KB
41 KB 8ms
8ms Script
text/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/js/js_JHEB-iZSj9TAzWiRh0KPD55L5GRPdbvg066FjjPHP24.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

247101fa26528fd4c0cd689187428f0f9e4be4644f75bbe0d3ae858e33c73f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 0-8258819-8258820 NNNN CT(154 322 0) RT(1654677803394 4) q(0 1 5 0) r(7 9) U5
x-age: 0
x-ah-environment: prod
content-length: 41346
x-request-id: v-0efec1d6-e707-11ec-b29d-fff9a349fcc1
last-modified: Wed, 01 Jun 2022 16:16:38 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
cache-control: max-age=1800
accept-ranges: bytes
expires: Tue, 19 Jul 2022 09:29:16 GMT

GET
H2 200 player-0.1.0.min.js Show response
cdn.embed.ly/ 14 KB
4 KB 57ms
16ms Script
application/javascript 104.16.89.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embed.ly/player-0.1.0.min.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-amz-request-id: 248Q25D918836NP6
x-amz-id-2: t+/Lb0HSpKueMA5/X4CZazmySv9DhZF3Xyq9jTGeEfaHMKbFBCyNUa1OriUs/btLdDHu1PEYB5g=
last-modified: Tue, 24 Oct 2017 18:33:09 GMT
server: cloudflare
etag: W/"19b624e7fe7a86b4c7851ed61e250626"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-version-id: null
cf-ray: 72d242934ad7bbec-FRA
expires: Tue, 19 Jul 2022 12:59:16 GMT

GET
H2 200 js_cuAkMXFonv4CGA9B2L2BO7nWT1nLHfFEOKN-mC3dbE8.js Show response
www.todayonline.com/sites/default/files/js/ 14 KB
5 KB 8ms
8ms Script
text/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/js/js_cuAkMXFonv4CGA9B2L2BO7nWT1nLHfFEOKN-mC3dbE8.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

72e0243171689efe02180f41d8bd813bb9d64f59cb1df14438a37e982ddd6c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-152150790-152150793 NNNN CT(175 172 0) RT(1654677802914 1) q(0 0 3 0) r(5 5) U5
x-age: 0
x-ah-environment: prod
content-length: 4259
x-request-id: v-0eee16f6-e707-11ec-8a54-6b3846c16fb3
last-modified: Wed, 01 Jun 2022 16:16:39 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
cache-control: max-age=1800
accept-ranges: bytes
expires: Tue, 19 Jul 2022 09:29:16 GMT

GET
H2 200 svgxuse.min.js Show response
www.todayonline.com/profiles/custom/mediacorp/themes/mc_core_theme/components/01-atoms/images/icons/ 3 KB
2 KB 15ms
10ms Script
application/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/profiles/custom/mediacorp/themes/mc_core_theme/components/01-atoms/images/icons/svgxuse.min.js?rf8z32

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 7-1197894-1253863 NNNN CT(230 466 0) RT(1658198510465 1236849) q(0 0 7 -1) r(9 9) U5
x-age: 22
x-ah-environment: prod
content-length: 1266
x-request-id: v-2b8f7c64-070f-11ed-a596-afb140d8c983
last-modified: Sat, 19 Mar 2022 19:25:45 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 clipboard.min.js Show response
www.todayonline.com/profiles/custom/mediacorp/themes/mc_core_theme/js/clipboard/ 10 KB
4 KB 15ms
11ms Script
application/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/profiles/custom/mediacorp/themes/mc_core_theme/js/clipboard/clipboard.min.js?rf8z32

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 5-1874996-1892251 SNNN RT(1658199606427 169596) q(0 0 0 -1) r(1 1) U5
x-age: 55
x-ah-environment: prod
content-length: 3354
x-request-id: v-28ad413e-070f-11ed-aaed-8f9365d911dd
last-modified: Sat, 14 May 2022 19:47:21 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 8

GET
H2 200 js_r-rcagv-lRXOsDzjtWATrAiWqC7iQKPV6DLENx3RPpI.js Show response
www.todayonline.com/sites/default/files/js/ 78 KB
20 KB 8ms
8ms Script
text/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/js/js_r-rcagv-lRXOsDzjtWATrAiWqC7iQKPV6DLENx3RPpI.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

afeadc6a0bfe9515ceb03ce3b56013ac0896a82ee240a3d5e832c4371dd13e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-25617890-25621171 SNNN RT(1657525009405 34625) q(0 0 0 -1) r(1 3) U5
x-age: 260780
x-ah-environment: prod
content-length: 20477
x-request-id: v-21418da4-fe8d-11ec-97f0-6bc3abe71673
last-modified: Thu, 07 Jul 2022 06:32:23 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 203 KB
70 KB 83ms
7ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 717465b056200a9b0317e6f7b8803ed1dc674f35f7aeeba603b6578d917616cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Sun, 17 Jul 2022 07:32:41 GMT
etag: "15-Fh43In27nYcmJKntBheuySBeY4w"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: fcd0b5ea5b4aae72f6d5de3105ec393a
timing-allow-origin: *, *
content-length: 71590

GET
H2 200 js_X5H0pygZ9CimW7DDBKAPvpGyVkYeTnY3HndcyuI_tG8.js Show response
www.todayonline.com/sites/default/files/js/ 266 B
595 B 13ms
7ms Script
text/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/js/js_X5H0pygZ9CimW7DDBKAPvpGyVkYeTnY3HndcyuI_tG8.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5f91f4a72819f428a65bb0c304a00fbe91b256461e4e76371e775ccae23fb46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 10-37065588-37065589 NNNN CT(152 306 0) RT(1654677803072 4) q(0 0 5 0) r(6 6) U5
x-age: 55718
x-ah-environment: prod
content-length: 218
x-request-id: v-53eaacf6-e685-11ec-b9df-1b8f538f3be5
last-modified: Wed, 01 Jun 2022 16:16:39 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js_le3Wx1hp3uXw-y51buZACu6OYDaTEN-W027T_8HJ1dU.js Show response
www.todayonline.com/sites/default/files/js/ 108 KB
28 KB 15ms
8ms Script
text/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/sites/default/files/js/js_le3Wx1hp3uXw-y51buZACu6OYDaTEN-W027T_8HJ1dU.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

95edd6c75869dee5f0fb2e756ee6400aee8e60369310df96d36ed3ffc1c9d5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 5-225978938-225978939 NNNN CT(160 159 0) RT(1654100234666 1) q(0 0 3 0) r(5 7) U5
x-age: 34
x-ah-environment: prod
content-length: 28432
x-request-id: v-386c1c3a-e1c6-11ec-9032-d79db4d02d68
last-modified: Wed, 01 Jun 2022 16:16:39 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
expires: Tue, 19 Jul 2022 09:29:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 _Incapsula_Resource Show response
www.todayonline.com/ 144 KB
21 KB 34ms
29ms Script
application/javascript 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1015021650

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

Resource Hash

9f852190a2a23546002fe6c40588d4266e54daa99eb78838b0c8674309d2fe7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
x-robots-tag: noindex
content-length: 20791
expires: Tue, 19 Jul 2022 08:59:16 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 368 B
1 KB 708ms
178ms XHR
application/json 52.16.111.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B464317853A9C8390A490D4E%40AdobeOrg&d_nsid=0&ts=1658221156351

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.111.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-111-17.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8dc96803cb0fafdcf62a1c4d7c2d3b15f30fd4347efa538baf71d3a8fa81cf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v036-03890a1c8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 1IRNtf9PQD8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 309
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/ 33 KB
12 KB 12ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 19:44:20 GMT
server: AkamaiNetStorage
etag: "b135e36e0ffbaaaebca4ed5a17a3a5c5:1631821460.47263"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12201
expires: Tue, 19 Jul 2022 09:59:16 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/ 3 KB
2 KB 13ms
9ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 19:44:20 GMT
server: AkamaiNetStorage
etag: "92ba45f9116eed843514845165336fae:1631821460.690196"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Tue, 19 Jul 2022 09:59:16 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/mediacorpheader458604908711/ 260 KB
91 KB 48ms
7ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mediacorpheader458604908711/moatheader.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 095d001362b6b1f182d1c2a185989cd2ec93a1db97e6f0eae0d7c2fecccd6cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 06:44:07 GMT
server: AmazonS3
x-amz-request-id: V86P9Z7A7135RGXC
etag: "8854ae30491766f595b5350ae90f36de"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8640
accept-ranges: bytes
content-length: 92836
x-amz-id-2: uaGhJDdq9pGgo98lNlKdQFRJvK5eRRdZ09BPZ6Fj7SadZuEoS9WUdK9e/hvNEOQIkLf7tjOgiAU=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 55ms
16ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c1450f6a0cf9a955960ff9d3dcec301c0da3d62e11cb35ec405a01c82e0e8d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28465
x-xss-protection: 0
server: sffe
etag: "1277 / 174 of 1000 / last-modified: 1658220033"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Jul 2022 08:59:17 GMT

GET
H2 200 a1d93f31448d45bbae6913019c16c5a1.js Show response
cdn.brandmetrics.com/survey/script/ 6 KB
3 KB 69ms
25ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/survey/script/a1d93f31448d45bbae6913019c16c5a1.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6fa3e68803024fe600df245c6013b53c563fb9ab62e6da5c7222d58f356b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 08:44:27 GMT
server: cloudflare
age: 890
cf-polished: origSize=5915
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzYw1l5Ng7Y4tR6avfVrBF4UQe%2FRJyhr0aQ%2FBnAI0PQv%2FQjvcDIqqXTYEwi%2BGaTOa77L0BxAeGxdUmUg0ddzYiPoI9%2FsPYzJ%2Bahou9RU%2BQOcQzFaOyJDEoAj9vzyzWUqtpWaKWuz67iU1LTWWN83cxUZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d242975fbb694c-FRA
cf-bgj: minify

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/ 12 KB
5 KB 50ms
8ms Script
application/javascript 2600:9000:2491:9000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 280bbf781a90f30d7be755c745f0767af579a8e994f68410e78f234600332480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:33:51 GMT
content-encoding: br
last-modified: Mon, 09 May 2022 13:26:34 GMT
server: AmazonS3
age: 5127
etag: W/"58a2a81ef788a6bb641f7dc0f75e3196"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: qXU7JlFQ5OwlY9yKjEDL1XmahvFHiTAY
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: NbX1YIMjG1eoPdQ3I9_WxdQuO0NJfJuVR50--FOfIWw-dOEYyrJKiA==

GET
H2 200 meid.js Show response
uid.mediacorp.sg/api/scripts/ 8 KB
3 KB 529ms
475ms Script
text/javascript 45.60.34.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://uid.mediacorp.sg/api/scripts/meid.js?network=mediacorp

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.20.2 / Express

Resource Hash

8db34f1434895d416ea5e7d15da496246297f5703c697725ea7b2326aaf66b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
etag: W/"2046-K3wqOqE1XEqd7SHH077HKERaWg4"
server: nginx/1.20.2
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 11-56657358-56657364 NNNN CT(151 157 0) RT(1658221155861 19) q(0 0 3 0) r(5 5) U5
cache-control: public, max-age=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cdn: Imperva
request-context: appId=cid-v1:62ee76e9-6088-4876-9abf-cdb95945e737

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 80 KB
26 KB 48ms
17ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 63c6f48702c1f320e0e7057da1e5b1b784d7acc77f9b7cc0dc5438c3c5dee11b

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 19 Jul 2022 08:59:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 13:23:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26490
Expires: Tue, 19 Jul 2022 09:59:16 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 79ms
14ms Script
application/x-javascript 2600:9000:2240:7800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e35796493f977523161a6a88ad31128de3d1268aa0d0c55b202c50f5e95f043b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:08:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:43:59 GMT
server: nginx
age: 6628
etag: W/"62b516df-5c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Vz3cVgqu3OiSOjNpwzxyhOHHL7kSPmaJ6zdnGXvquQqmAyF1uJK_1Q==
expires: Tue, 19 Jul 2022 09:08:49 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-sg.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

281ms
10ms

Script
application/javascript

2600:9000:2315:d200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Server: 2600:9000:2315:d200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63793d0dda6a57cfdf005435a1cbda2052aa34df8fbc277806d2449a5e69908c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: HQt8XLE5nRbGo0DeooyU3tu0mXB8SOSL
content-encoding: gzip
etag: W/"065495f1bf20afdc4c798bb0c22a52b9"
last-modified: Tue, 31 May 2022 17:05:49 GMT
server: AmazonS3
age: 51027
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 18 Jul 2022 20:47:42 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: dUKJTGgJUGDJeN7PnjWeSwKCADiwuHX6AaZS5jShHMTcxHqCTu6wPQ==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Tue, 19 Jul 2022 08:59:16 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 meid_seg.js Show response
uid.mediacorp.sg/api/scripts/ 55 B
400 B 167ms
164ms Script
text/javascript 45.60.34.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://uid.mediacorp.sg/api/scripts/meid_seg.js?MeID=8581d8ce-9b27-45f2-b020-f7940da27686&meid_callback=SuccessMeIDSeg_callback_1658221156929

Requested by

Host: uid.mediacorp.sg
URL: https://uid.mediacorp.sg/api/scripts/meid.js?network=mediacorp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.20.2 / Express

Resource Hash

1b2a4bc108f8c7a970ed09503c8ed59598ac96538f975ff629d8d7cec609a0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
etag: W/"37-3LX9ihXhqVPaY9sBTtPWUumEiVE"
server: nginx/1.20.2
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 11-56657358-56657364 PNYN RT(1658221155861 538) q(0 1 1 -1) r(2 2) U5
cache-control: public, max-age=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cdn: Imperva
request-context: appId=cid-v1:62ee76e9-6088-4876-9abf-cdb95945e737

GET
H2 200 meid_sync.js Show response
uid.mediacorp.sg/api/scripts/ 81 B
647 B 485ms
482ms Script
text/javascript 45.60.34.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://uid.mediacorp.sg/api/scripts/meid_sync.js?SSOID=&MeID=8581d8ce-9b27-45f2-b020-f7940da27686&meid_callback=SuccessUID_callback_1658221156929

Requested by

Host: uid.mediacorp.sg
URL: https://uid.mediacorp.sg/api/scripts/meid.js?network=mediacorp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.20.2 / Express

Resource Hash

f2ac2a9da89e49d0b5bb4e13ffb57275d3b384eb9795e0ab9eabe84ab1b091bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
etag: W/"51-U1Rq6qHAKHcY12DnALT6+FShv7U"
server: nginx/1.20.2
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 11-56657358-56657474 NNYN CT(154 159 0) RT(1658221155861 540) q(0 0 3 -1) r(4 4) U5
cache-control: public, max-age=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cdn: Imperva
request-context: appId=cid-v1:62ee76e9-6088-4876-9abf-cdb95945e737

GET
H2 200 sg1-ssa-w.js Show response
sg-config.sensic.net/ 15 KB
5 KB 60ms
9ms Script
application/javascript 2600:9000:223c:ac00:16:a1f8:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-config.sensic.net/sg1-ssa-w.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:16:a1f8:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f51f0289293baeaee45416a7f1041c8478131ed7ec5a5f0ca1aae380eae80a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: MwIdl_H5ER_wzbmx_XR7_z7ef9hEsV25
content-encoding: gzip
last-modified: Fri, 12 Jul 2019 18:24:38 GMT
server: AmazonS3
age: 67
etag: "e457fdcd174d15c5193d9a8151b992c1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age=120
date: Tue, 19 Jul 2022 08:58:11 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 4483
x-amz-cf-id: fyC1QDbzuBAAxr2_aVlFUbksq1q02kVyb_S7e9SkYuYjZ6XH4Gpv_w==

GET
H2 200 s2s-web.js Show response
sg-config.sensic.net/ 142 KB
42 KB 60ms
9ms Script
text/javascript 2600:9000:223c:ac00:16:a1f8:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-config.sensic.net/s2s-web.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:16:a1f8:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8acbfa7a9755166293bb6a0d575934b48b63d2c47d884eed384a1feef0e23fb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Zypk1YqrCmc0mtqaLz.y.wNKY2g36phL
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 16:08:02 GMT
server: AmazonS3
age: 36
etag: "36c9ce6c58a006907bd4e50abc2fe5a2"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Tue, 19 Jul 2022 08:58:42 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 42061
x-amz-cf-id: TZypBXeWXYOQFVReq45Yp0d8ylgb8jMuOuxkVyqZGKkcrup4QHhfOg==

GET
H2 200 logo.svg
www.todayonline.com/themes/custom/mc_todayonline_theme/images/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/images/logo.svg

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5ffbfed98f361c1cd8962b5535ec923624cb1d4af74fe41862ecf78c9bff878a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 8-65638621-65641318 NNYN CT(149 150 0) RT(1653938383631 34873) q(0 0 3 1) r(4 4) U5
x-age: 323195
x-ah-environment: prod
content-length: 935
x-request-id: v-0b61c2f2-dd5d-11ec-a237-f768ac030b73
last-modified: Sat, 19 Mar 2022 19:25:45 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: image/svg+xml
expires: Thu, 21 Jul 2022 14:34:09 GMT
cache-control: max-age=192893
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 icons.svg
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 40 KB
12 KB 8ms
7ms Other
image/svg+xml 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/icons.svg

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7f2545c233289dd2cbb8564a2269d9f486ef0466608c137f8b5a81cb1bae7fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-239237985-239255996 NNYY CT(332 460 0) RT(1655027046820 98099) q(0 0 0 -1) r(2 4) U5
x-age: 416730
x-ah-environment: prod
content-length: 12162
x-request-id: v-2805d702-e66a-11ec-bf75-3ff306a3b820
last-modified: Sat, 16 Apr 2022 12:03:06 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: image/svg+xml
expires: Thu, 21 Jul 2022 14:34:16 GMT
cache-control: max-age=192900
accept-ranges: bytes
x-cache-hits: 4

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 94E8 684 B
749 B 16ms
12ms Document
text/html 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Tue, 19 Jul 2022 08:59:17 GMT
Expires: Fri, 29 Jul 2022 08:59:17 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 584b23049d06130c13eb26d4402f021e.woff
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 52 KB
53 KB 10ms
7ms Font
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/584b23049d06130c13eb26d4402f021e.woff

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

53379e894b0f363126474a31bbcaece9b21ccc92995ea57b63e0767a72271971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 May 2022 19:47:21 GMT
server: nginx
strict-transport-security: max-age=31536000
x-iinfo: 10-231449051-231465414 NNNN CT(156 313 0) RT(1654057724950 99019) q(0 0 5 0) r(6 8) U5
x-ah-environment: prod
cache-control: max-age=1800
x-cache-hits: 10
x-age: 413367
accept-ranges: bytes
content-length: 53523
x-cdn: Imperva
x-request-id: v-1c0a3fa0-dda1-11ec-a00b-a7396e362870
expires: Tue, 19 Jul 2022 09:29:17 GMT

GET
H2 200 38485eb8cce7d5df20961147c6dd9177.woff
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 46 KB
47 KB 11ms
9ms Font
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/38485eb8cce7d5df20961147c6dd9177.woff

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7b415c864006c59b5c2db54ecc2ceb6b06a06820801f05ad7560f55d14ad6674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 May 2022 19:47:21 GMT
server: nginx
strict-transport-security: max-age=31536000
x-iinfo: 5-32886492-32895647 SNNN RT(1654056148260 392532) q(0 0 0 1) r(2 4) U5
x-ah-environment: prod
cache-control: max-age=1800
x-cache-hits: 9
x-age: 498678
accept-ranges: bytes
content-length: 47214
x-cdn: Imperva
x-request-id: v-7dba5f84-dcd7-11ec-9e43-c79441c063b9
expires: Tue, 19 Jul 2022 09:29:17 GMT

GET
H2 200 942d3edb2d3c85a55e931c63f448d0da.woff
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 27 KB
27 KB 9ms
9ms Font
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/942d3edb2d3c85a55e931c63f448d0da.woff

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a0c5bac5cf275b84834e3c69fb63d20aa9595d23ae47c53ac3ab96b7d5271ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 Apr 2022 12:03:06 GMT
server: nginx
strict-transport-security: max-age=31536000
x-iinfo: 10-71781886-71781887 NNNN CT(288 576 0) RT(1653333250555 29) q(0 0 9 0) r(12 15) U5
x-ah-environment: prod
cache-control: max-age=1800
x-cache-hits: 14
x-age: 965472
accept-ranges: bytes
content-length: 27316
x-cdn: Imperva
x-request-id: v-9d043082-d204-11ec-913d-afdf0fcacaae
expires: Tue, 19 Jul 2022 09:29:17 GMT

GET
H2 200 20220718_facebook_ez-link_card.jpeg
onecms-res.cloudinary.com/image/upload/s--7EgpIIHA--/f_auto%2Cq_auto/c_fill%2Cg_auto%2Ch_622%2Cw_830/v1/mediacorp/tdy/image/2022/07/18/ 76 KB
76 KB 10ms
10ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/s--7EgpIIHA--/f_auto%2Cq_auto/c_fill%2Cg_auto%2Ch_622%2Cw_830/v1/mediacorp/tdy/image/2022/07/18/20220718_facebook_ez-link_card.jpeg?itok=mlmZMUiG

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

eca5abffe67effc75ac2afa5671d0336c1311a9e019a29bc6ebc77760ed0e070

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Jul 2022 13:01:32 GMT
server: Cloudinary
etag: "1d1dd2e86e9e27f56bb417c1619479bb"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;start=2022-07-19T08:59:17.061Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 78090

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 94E8 80 KB
26 KB 13ms
12ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 63c6f48702c1f320e0e7057da1e5b1b784d7acc77f9b7cc0dc5438c3c5dee11b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 13:23:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26490
Expires: Tue, 19 Jul 2022 09:59:17 GMT

GET
H2 200 a0a29d99242b0cb54020aac8a7f7c658.woff
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 27 KB
27 KB 9ms
8ms Font
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/a0a29d99242b0cb54020aac8a7f7c658.woff

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6f225156d4b0bb9d797db670ed5117d03c930e7bc999bac0857ada000d1f8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 May 2022 19:47:21 GMT
x-cdn: Imperva
accept-ranges: bytes
strict-transport-security: max-age=31536000
x-request-id: v-b9f2c17a-f191-11ec-84a0-97500f5779a6
x-iinfo: 5-96738995-96738996 SNNN RT(1655836864719 8032) q(0 0 0 2) r(2 3) U5
cache-control: max-age=1800
x-age: 0
x-ah-environment: prod
content-length: 27720
server: nginx
expires: Tue, 19 Jul 2022 09:29:17 GMT

GET
H2 200 f92cb73ad1815641e4ea71e81c6a84e0.woff
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 27 KB
27 KB 9ms
9ms Font
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/f92cb73ad1815641e4ea71e81c6a84e0.woff

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1df704bcc33c12209d2a228e3b930c80cf60691055b3c8e6991813485e75d0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 Apr 2022 12:03:06 GMT
server: nginx
strict-transport-security: max-age=31536000
x-iinfo: 12-48049796-48062188 SNNN RT(1650596645038 125272) q(0 0 0 0) r(1 3) U5
x-ah-environment: prod
cache-control: max-age=1800
x-cache-hits: 6
x-age: 397206
accept-ranges: bytes
content-length: 27460
x-cdn: Imperva
x-request-id: v-57d39280-be4c-11ec-afea-834703238b71
expires: Tue, 19 Jul 2022 09:29:17 GMT

GET
H/1.1 200
OK dest5.html Show response
mediacorp.demdex.net/ Frame 05CA 7 KB
3 KB 588ms
156ms Document
text/html 52.212.211.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mediacorp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.211.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-211-89.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v036-0f31a1724.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: emKlIuXYQKA=
content-encoding: gzip
date: Tue, 19 Jul 2022 08:59:17 GMT
last-modified: Thu, 30 Jun 2022 15:43:27 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YtZyZQAAAJGahwMx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=85262433638588269670537047042138685826
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtZyZQAAAJGahwMx

42 B
942 B

194ms
190ms

Image
image/gif

52.16.111.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtZyZQAAAJGahwMx

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Server

52.16.111.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-111-17.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-0edf12844.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5dplOB7PTIg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtZyZQAAAJGahwMx
Date: Tue, 19 Jul 2022 08:59:17 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 pubads_impl_2022071401.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 9ms
8ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131659
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Jul 2023 07:35:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 96 B
113 B 43ms
18ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.todayonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

660e00972be81adf871fae54ab5b5e76e45ca79de8c8c3ff8b456153bcca38af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Tue, 19 Jul 2022 08:59:17 GMT

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 47 KB
15 KB 35ms
34ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=a1d93f31-448d-45bb-ae69-13019c16c5a1&toploc=www.todayonline.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/a1d93f31448d45bbae6913019c16c5a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2df3d0eaa75250573a25ec8944a6c51ef13f211ce4e9599821944603d6aaad4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 08:44:27 GMT
server: cloudflare
age: 890
cf-polished: origSize=49201
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOGd4LSNy5weypCDC4U2u2nASzRhDy3p0XpVl8jLU6MncnY%2Bof0S6U5DBq26H19h5OFHc4do01F0U1k9%2BpxPSilzaxUbUrg89Uqllo2ZlVeYIck7pmW8qLihfgnwta6ivKiIPbbKVzQYNIXKvnDrdwdP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d242985905694c-FRA
cf-bgj: minify

GET
H2 200 0b1323198167cf96a104e5e012677281.woff
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 27 KB
27 KB 10ms
8ms Font
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/0b1323198167cf96a104e5e012677281.woff

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1969db37a232a574e060746d7ff39501417f1ec0c29741cbd09990c35210acc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 Apr 2022 12:03:06 GMT
server: nginx
strict-transport-security: max-age=31536000
x-iinfo: 9-23410062-23410063 NNNN CT(287 591 0) RT(1652985978697 28) q(0 0 9 -1) r(11 14) U5
x-ah-environment: prod
cache-control: max-age=1800
x-cache-hits: 10
x-age: 623615
accept-ranges: bytes
content-length: 27200
x-cdn: Imperva
x-request-id: v-01e2b74c-d1f8-11ec-b60b-c3e1cdbf2ec9
expires: Tue, 19 Jul 2022 09:29:17 GMT

GET
H2 200 telegram_0.png
onecms-res.cloudinary.com/image/upload/v1635773396/mediacorp/tdy/image/2021/11/01/ 48 KB
48 KB 14ms
11ms Image
image/png 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/v1635773396/mediacorp/tdy/image/2021/11/01/telegram_0.png

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8883f88fe90241bc3578f84ca69c37286eb15f6b1526dd704907566b5f4bc72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 13:29:59 GMT
server: Cloudinary
etag: "0f8f9eeb3c87cb82a5778c80bda8450a"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-07-19T08:59:17.193Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 49282

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 62ms
14ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 05:48:51 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 11427
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 6EneyW-RjyGXLDO9IRX0_L5CBS9BGaRQkxLYIMNH5oCSrIoRuhnn9g==

GET
H2 200 em.js Show response
sg-ssl.effectivemeasure.net/ 378 B
774 B 62ms
13ms Script
application/javascript 2600:9000:223f:2000:b:3c99:a880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-ssl.effectivemeasure.net/em.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2000:b:3c99:a880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: t7PdnOqmxGUTf0a_jPpkk1ZsC1D98ALI
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 296407
etag: "4101041d9fe2bb2666de1f78999a027a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
date: Fri, 15 Jul 2022 22:39:11 GMT
x-amz-cf-pop: FRA56-P5
content-length: 378
x-amz-cf-id: SscfqfzQra6HTia5tuMfM2_1O7FuniUwMVbleoXR_pW2hWDLhlYmVg==

GET
H2 200 ec58f0558bab031d7575cb628f78beb1.woff
www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ 27 KB
27 KB 11ms
11ms Font
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/ec58f0558bab031d7575cb628f78beb1.woff

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dac27ac536b21718eee94700729c6bfe7a409302a54984670adde9f360d29737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/themes/custom/mc_todayonline_theme/dist/fonts.css
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 May 2022 19:47:21 GMT
server: nginx
strict-transport-security: max-age=31536000
x-iinfo: 3-146810713-146810714 SNNN RT(1654056523212 16903) q(0 0 0 0) r(1 3) U5
x-ah-environment: prod
cache-control: max-age=1800
x-cache-hits: 8
x-age: 388780
accept-ranges: bytes
content-length: 27396
x-cdn: Imperva
x-request-id: v-5dd6cf30-ddd7-11ec-b059-c3db4f57fc17
expires: Tue, 19 Jul 2022 09:29:17 GMT

GET
H2 200 RCbfb08bdb42e74b06b7137db0f598cc0b-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 344 B
495 B 17ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RCbfb08bdb42e74b06b7137db0f598cc0b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c7121a3c3b47ae25e0655fc129ce475d61ba2d455098598f07b766bb86ee77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 227
expires: Tue, 19 Jul 2022 09:59:17 GMT

GET
H2 200 RC3a39dc79c2aa49e18f88288c44611cd1-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 390 B
520 B 18ms
10ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RC3a39dc79c2aa49e18f88288c44611cd1-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 81cd505b2518b20084e6078c23b007f6ad8901962e571745d2ef5009fb931f9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 252
expires: Tue, 19 Jul 2022 09:59:17 GMT

GET
H2 200 RC13155b56acee417ebfe792e4b962b80c-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 4 KB
2 KB 20ms
11ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RC13155b56acee417ebfe792e4b962b80c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ac78f9999d81c54ef439fa5284220e879992f9e068c6c5becf3c91e10dc25562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1568
expires: Tue, 19 Jul 2022 09:59:17 GMT

GET
H2 200 RC39ea7730e93b45f487083ea2adb6719d-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 500 B
584 B 19ms
13ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RC39ea7730e93b45f487083ea2adb6719d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6cd077bfe3fc8ee797564a79eb7f424225f767bd8f1f2b219554c9a50e3d3f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 315
expires: Tue, 19 Jul 2022 09:59:17 GMT

GET
H2 200 modules.19a1bc5ec8df84a3470e.js Show response
script.hotjar.com/ 246 KB
64 KB 79ms
28ms Script
application/javascript 108.138.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.19a1bc5ec8df84a3470e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2822227.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-79.fra56.r.cloudfront.net

Software

Resource Hash

1d44c70e9b719bf6984e7cbaaf6027d12d05ada6ffdebd0bea9ce018b28b10e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 10:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81251
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64601
access-control-allow-origin: *
last-modified: Mon, 18 Jul 2022 10:24:19 GMT
etag: "818397aba2bb3d5a64e919a30e128d23"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: wxrZmxa9UE0XHN_-avJ3HHh011uMF2tEHT6agT07cczyRs-t0ywdnQ==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 334 B
508 B 186ms
58ms Script
text/html 52.17.229.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CM%24%3D!!tTm7jgBufxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wD%2FqAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-X1mOVythgEwLgg%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&pcode=mediacorpheader458604908711&rx=396171225113&callback=MoatNadoAllJsonpRequest_94979231
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mediacorpheader458604908711/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.229.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-229-209.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 4ca9e818583972924dee3d29186df8359d3f06f087b9a557cf5dbdb906bdc1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "179cf4cef6984e94ff29a47fa71fac4fa4d2b279"
content-length: 334
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 100 B
274 B 157ms
33ms Script
text/html 52.17.229.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CM%24%3D!!tTm7jgBufxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wD%2FqAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-X1mOVythgEwLgg%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=MEDIACORP_HEADER1&hp=1&wf=1&sgs=3&vb=-1&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1658221157264&de=524838746536&rx=396171225113&m=0&ar=1cb0373166b-clean&iw=8c08eb9&q=1&cb=0&cu=1658221157264&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=mediacorpheader458604908711&fd=1&ac=1&it=500&pe=1%3A1557%3A1594%3A0%3A0&fs=199410&na=1213286909&cs=0&callback=MoatDataJsonpRequest_94979231
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mediacorpheader458604908711/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.229.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-229-209.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 93b62139f9bf264126797cc02d20bc33ce83b8a4c1007273f942af25154c2c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "00c93ffb51906fff2465e64ba819950da2c5c62e"
content-length: 100
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 0DC8 1 KB
2 KB 14ms
7ms Document
text/html 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mediacorpheader458604908711/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2806
content-length: 1374
content-type: text/html
date: Tue, 19 Jul 2022 08:59:17 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame C4F0 741 B
819 B 43ms
26ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60234
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 72d2429a6dd09189-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 19 Jul 2022 08:59:17 GMT
etag: W/"2e5-5cc9e128a4c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK d3d3LnRvZGF5b25saW5lLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 61ms
7ms XHR
application/json 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnRvZGF5b25saW5lLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:17 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10968
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: b74d611af4a0ab66e634639c05f7a48
Content-Length: 16
Expires: Tue, 19 Jul 2022 12:02:05 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 28ms
6ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 18 Aug 2022 08:59:17 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/ 303 KB
93 KB 11ms
10ms Script
text/javascript 2600:9000:2491:9000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53dcf59d6b28bbaa214a2e3833ded4560a55f1753c95a84f940e57da87c771ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:33:53 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 07:26:47 GMT
server: AmazonS3
age: 1525
etag: W/"7669e209ca72827be16bbbe5e94609d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DtF0LpFnSy6qPteJp8MAUsPc6ZmznuXd
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: FRA56-P7
content-type: text/javascript
x-amz-cf-id: o9sC-uGF3wUX5klY3bkhmMBeysfnAMapM_bxwDIynYbJtlmSRdXlKw==

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 94E8 47 B
638 B 97ms
14ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 2c6a714ea36f4ef0e86abf3c4401be564cff0cfca89893422f6441a377d8f8b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
last-modified: Wed, 19 Jan 2022 08:59:17 GMT
server: Jetty(9.4.28.v20200408)
etag: 1ry2fgz7lckrl2axnh3x0p8v6f
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Wed, 19 Jul 2023 08:59:17 GMT

HEAD
H2 200 ts.json Show response
sg-config.sensic.net/ 0
566 B 48ms
29ms XHR
application/json 2600:9000:223c:ac00:16:a1f8:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-config.sensic.net/ts.json
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/s2s-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:16:a1f8:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 2
last-modified: Mon, 20 Jun 2022 16:08:02 GMT
server: AmazonS3
etag: "99914b932bd37a50b983c5e7c90ae93b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: _MxcHwrm_tHjH95NGdvam8FE954Rbs.k
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: sPZ92XDE1SEs-QFKl9lcqcd0K04j4M3AtqQwtlG8HvgjBsvMIrR6dQ==
expires: Wed, 21 Oct 2015 07:28:00 GMT

GET
H2 200 sui.html Show response
sg-config.sensic.net/ Frame 97A8 201 B
563 B 10ms
9ms Document
text/html 2600:9000:223c:ac00:16:a1f8:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-config.sensic.net/sui.html?optin=true&m=1&ai=&o=&dt=&t=s2s-w&m=TdyWeb&r=www.todayonline.com&optin=true
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/s2s-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:16:a1f8:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8bc402f0b0bd629a68cfe0318d54d195a08f189ed97e823bec7ade045717a68

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32
cache-control: max-age=60
content-encoding: gzip
content-length: 163
content-type: text/html
date: Tue, 19 Jul 2022 08:58:46 GMT
etag: "e165f8c6919526b6c3338a4b4eeb9acc"
last-modified: Mon, 20 Jun 2022 16:08:02 GMT
server: AmazonS3
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id: iHMnHIUVhie9oz_D46DU2LyOeMBacVOWalxD3VytSD78oHRkkeG_-g==
x-amz-cf-pop: FRA56-P2
x-amz-version-id: 98YuBks_0m82kUg1D3F8oX0VgNR2ASo2
x-cache: Hit from cloudfront

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15125439
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 72d2429aeea99189-FRA
cf-bgj: minify

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 293 B
593 B 153ms
101ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=todayonline.com&domain=todayonline.com&path=%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a46edca35b4a1ecdb0eb5f7d788c1d0a86422e6bf4c05e48797c4c3e5b0bb22b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 240
x-served-by: cache-hhn4067-HHN
access-control-allow-origin: *
x-timer: S1658221158.655432,VS0,VE93
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 17 Jul 2022 08:59:17 GMT

GET
H2 200 sui.js Show response
sg-config.sensic.net/ Frame 97A8 77 KB
27 KB 10ms
9ms Script
text/javascript 2600:9000:223c:ac00:16:a1f8:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-config.sensic.net/sui.js
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/sui.html?optin=true&m=1&ai=&o=&dt=&t=s2s-w&m=TdyWeb&r=www.todayonline.com&optin=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:16:a1f8:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1209384982b6fc977216d1620663a168854f6f518aa13e3d5af698f0839d0d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sg-config.sensic.net/sui.html?optin=true&m=1&ai=&o=&dt=&t=s2s-w&m=TdyWeb&r=www.todayonline.com&optin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: HmtyAjNK3uN2Q6IdWu0w1ioN6ZDL0Dcy
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 16:08:02 GMT
server: AmazonS3
age: 35
etag: "05228b61ccb3bcd82fbc82fab07c5437"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Tue, 19 Jul 2022 08:58:43 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 26859
x-amz-cf-id: d9icoctSsKqf8oVro-DH70w9ekbX61i6yziKDf_mDZMgeMZ4AqaHNw==

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 10ms
5ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6154803&cs_it=b3&cv=3.8.0.210223&ns__t=1658221157659&ns_c=UTF-8&c7=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&c8=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&c9=
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 79b16DYE6v6-lpyGdac7Qfad7mkuRGn5PFMouwQhseAU-9_hZWndLQ==
x-cache: Miss from cloudfront

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 22 KB
7 KB 339ms
294ms Script
application/javascript 18.66.112.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1658
Requested by: Host: sg-ssl.effectivemeasure.net
URL: https://sg-ssl.effectivemeasure.net/em.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-82.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: O3a7WZEATOQUEXh0NtsTxnF269jGh9BQ
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 129107
etag: W/"93cb9d1cb96864d82a396bd64bd41630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
date: Sun, 17 Jul 2022 21:07:31 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: iGvauvxNjrnGyB2sxIFPReMP0eK4QuDy__Ezog7fGWV82wBa-ZNPgw==

GET
H2 200 storageframe.html Show response
secure-sg.imrworldwide.com/ Frame 337C 11 KB
4 KB 32ms
29ms Document
text/html 52.214.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-sg.imrworldwide.com/storageframe.html
Requested by: Host: secure-sg.imrworldwide.com
URL: https://secure-sg.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.227.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-227-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-length: 3489
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 08:59:17 GMT
etag: "62c71a7d-da1"
last-modified: Thu, 07 Jul 2022 17:40:13 GMT
server: nginx

GET
H/1.1 200
OK analytics Show response
rt.mediacorp.sg/today-article/ 3 KB
2 KB 970ms
698ms XHR
application/json 45.60.34.205
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.mediacorp.sg/today-article/analytics?id=1946976&platform=online&site=today&sitelang=en&path=/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.34.205 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7f85cfefb331522c43705c0899c3664e4f8c6e7c54878a9bd5ee8521ca79133d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:18 GMT
Content-Encoding: gzip
X-CDN: Imperva
x-amzn-RequestId: cda7c871-15a4-444a-8fed-30831014102b
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Iinfo: 3-238390072-238390077 NNYN CT(165 333 0) RT(1658221157356 32) q(0 0 5 1) r(7 7) U12
X-Amzn-Trace-Id: Root=1-62d67266-298db5f728ac3a362c3bd64f
Connection: keep-alive
x-amz-apigw-id: VgbQDGIPSQ0FVCQ=

GET
H2 200 _Incapsula_Resource
www.todayonline.com/ 1 B
234 B 19ms
18ms Image
text/plain 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.todayonline.com/_Incapsula_Resource?SWKMTFSR=1&e=0.46955004981037374

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:17 GMT
strict-transport-security: max-age=31536000
content-type: text/plain
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex
content-length: 1
expires: Tue, 19 Jul 2022 08:59:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
68 KB 53ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MNRC5V

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/sites/default/files/google_tag/primary/google_tag.script.js?rf8z32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

625493faffb5d44848c42066a1d349f14937feeb11cc0a4fd189a9d13fec23e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69480
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Jul 2022 08:59:17 GMT

GET
H2 200 RC308059a3328741c99e0cf0a12c165380-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 1 KB
800 B 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RC308059a3328741c99e0cf0a12c165380-source.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 51e28882b6a8817aaff06015a33a6847ed36ca672998495cd8f6f5af17308c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 531
expires: Tue, 19 Jul 2022 09:59:17 GMT

GET
H2 200 RC5dcf8a9e619e4c74a3871ae2d06a8f65-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 2 KB
901 B 10ms
9ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RC5dcf8a9e619e4c74a3871ae2d06a8f65-source.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5a6262b78afcd9bc5910c80a2f41c8694688d81832ec558c868551266b485697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 632
expires: Tue, 19 Jul 2022 09:59:17 GMT

GET
H2 200 1946976 Show response
www.todayonline.com/read-also/related/article/ 5 KB
1 KB 505ms
504ms XHR
application/json 23.75.234.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.todayonline.com/read-also/related/article/1946976

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/sites/default/files/js/js_LLHSjMCVzQZsuafHeHlYNi95f-T5y_yOyRBs6giG97U.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.234.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-234-137.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3ac1ad349d13ce5671690154d9b171de3f75b376e88fc1c1ced32ae18766ad27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 8-14912308-14912309 NNNN CT(159 161 0) RT(1658221157772 1) q(0 0 4 -1) r(5 5) U5
x-drupal-dynamic-cache: HIT
x-cache-hits: 3
x-age: 240
x-ah-environment: prod
content-length: 767
x-request-id: v-833ef008-0740-11ed-bdc9-b3185a365786
x-ua-compatible: IE=edge
last-modified: Tue, 19 Jul 2022 08:55:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1658220917"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json
expires: Tue, 19 Jul 2022 09:04:18 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 94E8 43 B
467 B 45ms
15ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.4.3&typ=pgv&rnd=l5ry29fogsfec5lz&sid=9222302702321341888&loc=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&new=1&arf=0&ltm=1658221156932&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l5ry29h5yzhtsq20&ckp=l5ry29h757t6wyk2&glb=&eid0=8581d8ce-9b27-45f2-b020-f7940da27686&eit0=mdc&cst=1ry2fgz7lckrl2axnh3x0p8v6f
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:17 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H2 200 get Show response
odb.outbrain.com/utils/ 31 KB
11 KB 278ms
237ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976&idx=0&rand=25362&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&adblck=false&abwl=false&px=1076&py=1642&vpd=442&cw=303&activeTab=true&darkMode=falsefalse&settings=true&recs=true&version=2000817&sig=RUvVIuuw&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a5c5fcbd491e7805187e12fa8c501fa18d9bb082adca93d845e392bd27b50870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1658221158.000130,VS0,VE226
accept-ranges: bytes
x-served-by: cache-lga21977-LGA, cache-fra19134-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 469671ceed91e831ae26ab813645c0e4
content-encoding: gzip
content-length: 11215
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 suigenerator Show response
sg-config.sensic.net/ Frame 97A8 109 B
630 B 472ms
472ms XHR
application/json 2600:9000:223c:ac00:16:a1f8:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sg-config.sensic.net/suigenerator?optin=true&m=1&ai=&o=&dt=&t=s2s-w&m=TdyWeb&r=www.todayonline.com&optin=true&f=json

Requested by

Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/sui.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:ac00:16:a1f8:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1f61e52ba5983e0eac376d1282eac092b85a0d1360701c633f45dd008730bb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sg-config.sensic.net/sui.html?optin=true&m=1&ai=&o=&dt=&t=s2s-w&m=TdyWeb&r=www.todayonline.com&optin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 111
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: Apache
etag: "e06e2ca8b21bb4ca67d0cc0fbeb2bbe45a4ca9f2"
vary: Accept-Encoding,Origin
content-type: application/json; charset=UTF-8
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
access-control-expose-headers: date
cache-control: public, max-age=126144000
timing-allow-origin: *
x-v-api: 2.5.4
x-amz-cf-id: QGKu1j3jGk4sAtb1le2R5vWmYLUc32do6RqQaylr3hj0vvqfgQyLYw==

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 116 B
704 B 53ms
16ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l5ry29h757t6wyk2%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221ry2fgz7lckrl2axnh3x0p8v6f%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221ry2fgz7lckrl2axnh3x0p8v6f%22%7D%5D%2C%22siteId%22%3A%229222302702321341888%22%2C%22location%22%3A%22https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU%22%7D&callback=cXJsonpCBl5ry2a9hs9jll4jy

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

11bff36661fcd1685c78ac5096a8b0fa68190a2b87e25db973e7b717dfb3807c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 116
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame ED44 2 KB
1 KB 73ms
7ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-84.fra60.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 326831
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-id: qvomPWORGLEqPRPyvRjv37AONtl_I0pRFTPwgxMa8gk8u50yQNH5yA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK loader Show response
recommend-zoom.mediacorp.sg/universal/1658221158010/ 19 KB
7 KB 1121ms
1121ms Script
text/javascript 45.60.34.205
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://recommend-zoom.mediacorp.sg/universal/1658221158010/loader?id=gyw7t1oLIA&context=%7B%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22page_session_id%22%3A%220acf356d-7ac4-4dde-93fc-ed2cfe777d20-1658221157623%22%2C%22meid%22%3A%228581d8ce-9b27-45f2-b020-f7940da27686%22%2C%22cxense_id%22%3A%22l5ry29h757t6wyk2%22%2C%22url%22%3A%22https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU%22%2C%22content_id%22%3A%221946976%22%2C%22date%22%3A1658221157885%2C%22loadid%22%3A1%2C%22exclude%22%3A%5B%22%22%5D%7D

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.205 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

fa99a8be2193125b48a77b68354d7664174c04c3986b7374dbaad667ad3c9cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:19 GMT
Content-Encoding: gzip
Server: nginx/1.22.0
X-Powered-By: Express
ETag: W/"4cef-nhmWh8nFk4XdAXUU/9ZAyTUsfxI"
Vary: Origin, Accept-Encoding
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 3-238389951-238389953 SNNN RT(1658221156420 1015) q(0 0 0 -1) r(11 11) U2
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-CDN: Imperva
request-context: appId=cid-v1:96d7c721-495d-4e1e-8dc5-2c8f092f6ac2

GET
H2 200 RCcb338a8c9a3f45ceb5490aeab35b01f2-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 1 KB
838 B 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RCcb338a8c9a3f45ceb5490aeab35b01f2-source.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 531fe840c062df3e041b9e1f83af4c4f8f4cfa0f8aee3fa5863140701ae570cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 569
expires: Tue, 19 Jul 2022 09:59:18 GMT

GET
H2

200

m
secure-sg.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-sg.imrworldwide.com/cgi-bin/m?rnd=1658221158047&ci=sg-mediacorp&js=1&cg=today&ts=v60.js&vn=6.0.107&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fex...
https://secure-sg.imrworldwide.com/cgi-bin/m?rnd=1658221158047&ci=sg-mediacorp&js=1&cg=today&ts=v60.js&vn=6.0.107&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fex...

44 B
596 B

32ms
31ms

Image
image/gif

52.214.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sg.imrworldwide.com/cgi-bin/m?rnd=1658221158047&ci=sg-mediacorp&js=1&cg=today&ts=v60.js&vn=6.0.107&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&sr=1600x1200&id=lstrg-ca3e944ad89d12588667aea2637c2871&ja=1
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Server: 52.214.227.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-227-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
server: nginx
location: https://secure-sg.imrworldwide.com/cgi-bin/m?rnd=1658221158047&ci=sg-mediacorp&js=1&cg=today&ts=v60.js&vn=6.0.107&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&sr=1600x1200&id=lstrg-ca3e944ad89d12588667aea2637c2871&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK channels-json.cgi Show response
mediacorp.gscontxt.net/main/ 392 B
485 B 426ms
8ms Fetch
application/json 132.145.232.67
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacorp.gscontxt.net/main/channels-json.cgi?url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 132.145.232.67 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 6a360fdf5b5a2044df05234ea747f94c48ec95ab33c45c9248dfe8de0cff71ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
AMP-Access-Control-Allow-Source-Origin: *
Transfer-Encoding: chunked
Content-Type: application/json

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 104ms
72ms XHR
application/json 35.158.200.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.33.0&referrer=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&tmax=3000

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 57ms
9ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c8d53bbd-05db-4648-b66c-944491d0b170
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 138ms
112ms XHR
application/json 35.158.200.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
accept-ch: sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 121ms
79ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fbf4dc68-1798-44b4-bf03-51cc79eef01e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 49ms
9ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1ef5573d-0604-44f5-8e11-1be4f6e5fdcd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
510 B 87ms
70ms XHR
application/json 35.158.200.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
744 B 43ms
7ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 347e7a0c-4b12-4f8e-8eed-e4c3d47a86af
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 99ms
85ms XHR
application/json 35.158.200.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/5800/ 46 KB
15 KB 42ms
8ms Script
text/javascript 108.138.7.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/5800/lt.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1d96872360daacc0a24f615db9fe3eb040631c63614d91ed0db1bfecd583b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 04:10:07 GMT
content-encoding: gzip
etag: W/"131386dd2a25f0ddf61e7b2552ac7d60"
last-modified: Thu, 14 Apr 2022 19:45:20 GMT
server: AmazonS3
age: 22299
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: L0ML90adcplIXjbyX39P5jiSxx2n8rfhvPUqvUfmnW6OF8h8NnKoqw==

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1658221158100_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1658221158100_1

143 B
741 B

35ms
34ms

Script
text/javascript

34.241.137.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1658221158100_1

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Server

34.241.137.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-137-254.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

5051e0eba5218b6f445a1aa1fd666aee2aa78ffdb615700f2384ea9c17dffeb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 135
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1658221158100_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 48ms
47ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5c59644e-bd6f-4746-a901-c4f8ddcab5d3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 138ms
137ms XHR
application/json 35.158.200.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 11ms
11ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 89ec69d7-2048-43ec-888d-4548036950c5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 106ms
105ms XHR
application/json 35.158.200.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
accept-ch: sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 hotjar-2238439.js Show response
static.hotjar.com/c/ 5 KB
2 KB 10ms
9ms Script
application/javascript 108.138.7.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2238439.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MNRC5V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-127.fra56.r.cloudfront.net

Software

Resource Hash

1da3d09f20fce15112587b50a3cbeb49b536a41dbf3853f4b5e3500bd804c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 08:59:18 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/8985e2bb089b87598d11b65de0619cf9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: Gs2qfg-BY7Zo_clyxrfC7bnJElZMUiwwn3UchR5G0Z87-xLJtua6Qg==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 52ms
9ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MNRC5V
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46987
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 72ms
32ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MNRC5V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 08:59:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
7ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MNRC5V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6801
date: Tue, 19 Jul 2022 07:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 19 Jul 2022 09:05:57 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1382494/ 55 KB
17 KB 41ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1382494/tfa.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 172af02b64c148c57c958208e9b33402aac5bb424d29e8648cd76f044dbfdd67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: FH1KrpcVbZGkrPQkvvbSl9wGGSqwqEUt
content-encoding: gzip
etag: "cf410de68701277ad1154d7dc5c4d9d2"
age: 16
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17416
x-amz-id-2: 6i8h6FNvJvfCCTVux5WNYSRjlLUMvGuPm8jyyqeRDP9IeiPn3Os6OOSDygpkAJl4bIfnzR2Q/DM=
x-served-by: cache-hhn4083-HHN
last-modified: Sun, 17 Jul 2022 11:04:46 GMT
server: AmazonS3
x-timer: S1658221158.270979,VS0,VE1
date: Tue, 19 Jul 2022 08:59:18 GMT
vary: Accept-Encoding
x-amz-request-id: CVWZM703XCWP8WK6
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 85
x-cache-hits: 1

POST
H/1.1 204
No Content 316695 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 145ms
24ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/316695
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-SpotX-Timing-Transform: 0.000374
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.000940
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000370
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page: 0.006447
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000298
X-fe: 142
Last-Modified: Tue, 19 Jul 2022 08:59:18 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.002605
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.todayonline.com
X-SpotX-Timing-Page-Misc: 0.001819
X-SpotX-Timing-Page-Exception: 0.000027
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.002605
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 prebid Show response
targeting.unrulymedia.com/ 0
167 B 79ms
18ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/prebid
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.todayonline.com
pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
251 B 129ms
43ms XHR
application/json 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Tue, 19 Jul 2022 08:59:18 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 250 B
947 B 99ms
95ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bc55ea549cdabf29bceef5a88e7e54f21557c2787f4fd7e84329e7a37f430f2b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e4042b53-b430-4ba5-95c3-f54d77a7548a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 250
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 15ms
12ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3186060c-3164-406c-a88c-ab935f787f5a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.todayonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content 316695 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 136ms
26ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/316695
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Tue, 19 Jul 2022 08:59:18 GMT
X-SpotX-Timing-Transform: 0.000334
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.000897
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000314
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000006
X-SpotX-Timing-Page: 0.006676
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000263
X-fe: 074
Last-Modified: Tue, 19 Jul 2022 08:59:18 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.002901
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.todayonline.com
X-SpotX-Timing-Page-Misc: 0.001927
X-SpotX-Timing-Page-Exception: 0.000021
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.002901
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
251 B 120ms
44ms XHR
application/json 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Tue, 19 Jul 2022 08:59:18 GMT

POST
H2 204 prebid Show response
targeting.unrulymedia.com/ 0
166 B 68ms
19ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/prebid
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.todayonline.com
pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 24 B
316 B 128ms
37ms XHR
application/json 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/5800/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.todayonline.com
expires: 0
cache-control: no-cache
x-server: 10.45.22.123
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 24
x-consent: absent

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 19ms
7ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1656855974.293667"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Thu, 18 Aug 2022 08:59:18 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 17ms
9ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 18 Aug 2022 08:59:18 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 409ms
91ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=18ba775f172cc0a3ffae070c720c50ea_3624_1658221158173&tm=807&eT=0&widgetWidth=303&widgetHeight=487&widgetX=1076&widgetY=1651&wRV=2000817&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=342&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
X-TraceId: b669702eeaaa5e2ce9b84569e0473c6f
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 204 2822227 Show response
vc.hotjar.io/sessions/ 0
258 B 123ms
42ms XHR
text/plain 143.204.89.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2822227?s=0.25&r=0.02805166185898078
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.19a1bc5ec8df84a3470e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-123.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: RlL3ts7JmzLAVDjXplN-NwAJoQLvMJlpVcAOazPDpdSHi2zv_uq4XA==

GET
H2 200 eyJpdSI6ImFkZWQzODY0MTkwNDE1YzM4ZmJmMzI1ODM5OTRmMzAwNTYzYjhjMjBjZjg4MzIzMzlkYzAxMzJiZmY2YjI3OTgiLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 26 KB
26 KB 74ms
10ms Image
image/webp 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFkZWQzODY0MTkwNDE1YzM4ZmJmMzI1ODM5OTRmMzAwNTYzYjhjMjBjZjg4MzIzMzlkYzAxMzJiZmY2YjI3OTgiLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a0da58f01d2998a2a6424b1450af44176ea7a8f87f29ef62bb17b0eb4eea017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
last-modified: Thu, 14 Jul 2022 11:19:40 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2386025
access-control-allow-credentials: false
x-traceid: 4409ea7185801cb156bf2ee0c9551a67
timing-allow-origin: *, *
content-length: 26116

GET
H2 200 eyJpdSI6IjhkNjAxNmE4ZTM4MmI3YTQ0ZjNhMGM1Njc1MDg5OTIzMDQyZDYxM2YyY2EyMjEzYjIzYTQyNTQ4OTdjMDMyZDciLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjaCI6LTY2OTM3NTQxNSwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 72ms
9ms Image
image/webp 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhkNjAxNmE4ZTM4MmI3YTQ0ZjNhMGM1Njc1MDg5OTIzMDQyZDYxM2YyY2EyMjEzYjIzYTQyNTQ4OTdjMDMyZDciLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjaCI6LTY2OTM3NTQxNSwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 89924184310a24e8dbf280e33abb84306b86beb5f55e4dcf9d4ce71f0cf3ed67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
last-modified: Mon, 11 Jul 2022 20:52:36 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2140379
access-control-allow-credentials: false
x-traceid: 4903635014ff7ae6799ddc36807d8bf8
timing-allow-origin: *, *
content-length: 8070

GET
H2 200 eyJpdSI6IjlmZGE2MDc2MzlkMDAzNjEzOWQ5NjI2MDBkZTliZmMwM2M1YzA5MzMxY2UxNTNjY2NiMjc1YWZhMDA3NTJhODEiLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 21 KB
21 KB 79ms
16ms Image
image/webp 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlmZGE2MDc2MzlkMDAzNjEzOWQ5NjI2MDBkZTliZmMwM2M1YzA5MzMxY2UxNTNjY2NiMjc1YWZhMDA3NTJhODEiLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cb0e3a3834516f58d9dfb32eeaf9cbc1c22f404e13a17fa87a857e99c88fce61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
last-modified: Fri, 08 Jul 2022 12:26:13 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1888895
access-control-allow-credentials: false
x-traceid: ce16ae94b1384e9bfcf36c66dea754f0
timing-allow-origin: *, *
content-length: 21528

GET
H2 200 eyJpdSI6IjkzNjRiMTg5Yjk0MWM0OTM2YzA4OWI2MTcyZTc3ZTYwNWIyNGQzOTdlYTUxMDQ2ODlhMWVkYjEwOWY3M2I2NTciLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 11 KB
11 KB 81ms
18ms Image
image/webp 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkzNjRiMTg5Yjk0MWM0OTM2YzA4OWI2MTcyZTc3ZTYwNWIyNGQzOTdlYTUxMDQ2ODlhMWVkYjEwOWY3M2I2NTciLCJ3IjozMDAsImgiOjIyNywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 426731bec79c213a5156e34965be4bdb8a8fd06e7e7328db86a3e7829e825d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
last-modified: Tue, 21 Jun 2022 11:26:16 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2348464
access-control-allow-credentials: false
x-traceid: 7335d59a922cd375b41b910ac86a21a0
timing-allow-origin: *, *
content-length: 11144

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwA...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2878700%26time%3D1658221158381%26url%3Dhttps%253A%252F%252Fwww.todayonline.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwA...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIw...

0
265 B

150ms
119ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&liSync=true&e_ipv6=AQKuzvNmx7zxCwAAAYIVruFVQAXj9bY2jYuBxiqiE1HfxP2NogrxnD7MTAO2OiMI45MDvbP9NIHVdBHA2tZFkAK7_5Hd8A
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 87E9B4C7DA904DAAB1D680D074CC5F07 Ref B: FRAEDGE1215 Ref C: 2022-07-19T08:59:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkJLMiOCF8Iq/328EhzA==
x-li-fabric: prod-lva1

Redirect headers

date: Tue, 19 Jul 2022 08:59:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D86F51A328124457883F7CA453005083 Ref B: FRAEDGE1521 Ref C: 2022-07-19T08:59:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2878700&time=1658221158381&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&liSync=true&e_ipv6=AQKuzvNmx7zxCwAAAYIVruFVQAXj9bY2jYuBxiqiE1HfxP2NogrxnD7MTAO2OiMI45MDvbP9NIHVdBHA2tZFkAK7_5Hd8A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkJLMgBkDNoCp2rc+Y2w==

GET
H2 200 json Show response
trc.taboola.com/1382494/trc/3/ 2 KB
2 KB 45ms
25ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1382494/trc/3/json?tim=1658221158389&data=%7B%22id%22%3A84%2C%22ii%22%3A%22%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1658221158383%2C%22cv%22%3A%2220220714-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmediacorppteltd-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1658221158388%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1382494/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: febd2fb1df5cbaa2dcae820d77d7c2f7725d70587954eae847fe7851dfe7db5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms: 24
date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
server: nginx
x-timer: S1658221158.412133,VS0,VE24
x-served-by: cache-hhn4083-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
15ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1148382323&t=pageview&_s=1&dl=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&ul=en-us&de=UTF-8&dt=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1571175425&gjid=760739177&cid=1613911154.1658221158&tid=UA-55184547-4&_gid=500539463.1658221158&_r=1&gtm=2wg7i05MNRC5V&z=195970221

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/989858422/ 2 KB
1 KB 71ms
41ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/989858422/?random=1658221158472&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&tiba=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&auid=752422796.1658221158&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ee61bc45d64f7b9e7395cff9e4d1192f262dba55243dbb1916e5476a3ccf4c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tp.gif Show response
d89e089a522bc70dcd41f83fb75b135f0c2bbd3c184b8e789228b022.trk.sensic.net/ Frame 97A8 42 B
597 B 90ms
17ms XHR
image/gif 65.9.86.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d89e089a522bc70dcd41f83fb75b135f0c2bbd3c184b8e789228b022.trk.sensic.net/tp.gif?r=www.todayonline.com&m=1&r=sg-config.sensic.net&p=sg2&instanceid=D89E089A522BC70DCD41F83FB75B135F0C2BBD3C184B8E789228B022
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/sui.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-94.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sg-config.sensic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 04:05:31 GMT
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfec.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 17628
x-cache: Hit from cloudfront
content-length: 42
last-modified: Thu, 28 Nov 2019 09:56:25 GMT
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Origin, Date
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: BcdORI7oB7LPxkjTZkG-Aejegk1qJbKmTfLNCXHbhLYDxWMP4VVigQ==
expires: Wed, 21 Oct 2015 07:28:00 GMT

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 86ms
8ms XHR
application/json 2600:9000:206f:5800:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1658
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5800:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 14:14:52 GMT
Via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 499466
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 19
X-Amz-Cf-Id: -nomxhnPWnfiluX-gx59m65Oi_yrlwaSNUpB4gJqu8hue6eUONcasA==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 2 B
308 B 139ms
34ms XHR
application/json 34.241.137.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&vt=0d596b3e-ada1-49d8-bcc3-e292c8ce9de1-18215aedfdb-b4d9e815
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1658
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.137.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-137-254.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 44ms
43ms Image
image/gif 34.241.137.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t&vn=b21b8ec&tz=0&pu=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&vt=0d596b3e-ada1-49d8-bcc3-e292c8ce9de1-18215aedfdb-b4d9e815&vi=99db997a-fbad-4256-89b7-edc3ebc5b8f3-18215aee06c-13bfac0a&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&te=410&sh=1200&sw=1600
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.137.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-137-254.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 tp.gif Show response
1658221157557eeb6cb95f35bd3d01dc633148bc66305157392122f8.tmptrk.sensic.net/ 0
134 B 82ms
17ms XHR
text/plain 3.127.130.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1658221157557eeb6cb95f35bd3d01dc633148bc66305157392122f8.tmptrk.sensic.net/tp.gif?m=TdyWeb&r=www.todayonline.com&p=sg2&instanceid=1658221157557EEB6CB95F35BD3D01DC633148BC66305157392122F8
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/s2s-web.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.130.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-130-1.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Jul 2022 08:59:18 GMT
cache-control: no-cache, no-store, must-revalidate
server: awselb/2.0
expires: Wed, 21 Oct 2015 07:28:00 GMT

GET
H2 200 3pc.html Show response
sg-config.sensic.net/ Frame F089 25 KB
9 KB 15ms
13ms Document
text/html 2600:9000:223c:ac00:16:a1f8:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-config.sensic.net/3pc.html
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/s2s-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:16:a1f8:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 534b55418b02bb803fa566cc6eb5a8590f8be59fedd2bebba103b532a53ac681

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32
cache-control: max-age=60
content-encoding: gzip
content-length: 9079
content-type: text/html
date: Tue, 19 Jul 2022 08:58:46 GMT
etag: "721aa00dac52dacbe13876c1d7dc80d6"
last-modified: Mon, 20 Jun 2022 16:08:03 GMT
server: AmazonS3
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id: NPKvuEbyR41jIoPEBff_u1-vjzVXU2NVoRkFW4oJQa04BTyxD9WCaA==
x-amz-cf-pop: FRA56-P2
x-amz-version-id: DW2_v5nAd4wXsjDM9KM04pW5322pkdeM
x-cache: Hit from cloudfront

GET
H2

200

/
www.google.de/pagead/1p-conversion/989858422/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
548 B

47ms
22ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&tiba=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&auid=752422796.1658221158&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZnLWYr-3IO6gmLAP47GR6Ag&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-JxpYySmc-pJIQiIqr1WmBK0L6kGMX3DhA&random=80164779&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/989858422/?random=1764769008&cv=9&fst=1658221158472&num=1&value=0&label=jHlbCJLT3IcCEPaUgNgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&tiba=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%20-%20TODAY&auid=752422796.1658221158&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZnLWYr-3IO6gmLAP47GR6Ag&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-JxpYySmc-pJIQiIqr1WmBK0L6kGMX3DhA&random=80164779&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
fc-id.sensic.net/ 56 B
184 B 44ms
16ms XHR
application/octet-stream 18.195.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fc-id.sensic.net/
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/s2s-web.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.84.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-84-169.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 04ab475a46ecb35532c6f4fd2909e0306eaeae5259ec1f4b18bb545486362a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Jul 2022 08:59:18 GMT
cache-control: private, max-age=63072000
server: awselb/2.0
content-length: 56
content-type: application/octet-stream

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
653 B 33ms
32ms Script
text/javascript 34.241.137.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1658221158100_2

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1658

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.137.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-137-254.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

895704d6353fff2f354d763d35ef58adac327a2dcdf24e8f0c55dcf629f94825

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 97
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 94ms
93ms XHR
application/json 50.17.194.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1658
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.194.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-194-216.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 19 Jul 2022 08:59:18 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 314ms
94ms Preflight 50.17.194.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.194.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-194-216.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.todayonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 19 Jul 2022 08:59:18 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
551 B 34ms
33ms Script
text/javascript 34.241.137.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221658221158668%22%7D&callback=cb1658221158100_3

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1658

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.137.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-137-254.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

602a1df9745f36d45e821a29e4d7ea41660e9ef057016aa7bef44a2d8d18490c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 08:59:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 95
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 s86355992174914 Show response
mediacorp.sc.omtrdc.net/b/ss/mediacorp-mcs-prd/1/JS-2.22.2-LCUM/ 43 B
441 B 586ms
207ms XHR
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mediacorp.sc.omtrdc.net/b/ss/mediacorp-mcs-prd/1/JS-2.22.2-LCUM/s86355992174914

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 20 Jul 2022 08:59:19 GMT
server: jag
xserver: anedge-69c8d8cc76-fnn45
etag: 3561002825367289856-4619845237789927508
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.todayonline.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Mon, 18 Jul 2022 08:59:19 GMT

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
76 B 166ms
35ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=a1d93f31-448d-45bb-ae69-13019c16c5a1&toploc=www.todayonline.com&rnd=3391983&uid=8581d8ce-9b27-45f2-b020-f7940da27686
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=a1d93f31-448d-45bb-ae69-13019c16c5a1&toploc=www.todayonline.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:18 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 69ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.todayonline.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 49ms
22ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.todayonline.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 08:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 67ms
42ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=2953421284751575&vrg=2022071401&nw_id=4654&nslots=2&eid=31068502%2C21065724&pub_url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&sig=0&req=0&req_cnt=1&dm=8

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
13 KB 456ms
455ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2953421284751575&correlator=1230876091841183&eid=31068502%2C21065724&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fifs&iu_parts=4654%2Ctoday_dweb%2Clb1%2Csingapore%2Carticlepage%2Cna%2Coop&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F6%2F3%2F4%2F5&prev_iu_szs=970x250%7C970x90%7C728x90%2C1x1&ifi=1&adks=685191664%2C1049174106&sfv=1-0-38&ecs=20220719&ists=1&fsapi=false&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26article%253Avideo%3Dfalse%26gs_cat%3Dgs_law%252Cgb_safe%252Cneg_mbv_bmw4%252Cneg_mbv_singtel%252Cgs_law_misc%252Cneg_mbv_mcdonalds%252Cgv_crime%252Cneg_mbv_mcdonalds2%252Cneg_esso_fuelsfp2%252Cgs_shopping_misc%252Cgs_finance%252Cgs_business%252Cgt_mixed%252Cneg_mss_block%252Cneg_mss_block_sustainability%26meid%3D8581d8ce-9b27-45f2-b020-f7940da27686%26meid_seg%3Dnone%26c_id%3D1946976%26c_title%3DMan%2520exploited%2520EZ-Link%2520card%2520auto%2520top-up%2520function%2520to%2520buy%2520at%2520least%2520S%2524109990%2520worth%2520of%2520cigarettes%2520with%2520friends%26cmskeywords%3DEZLink%252Cezlink%2520card%252Cexploitation%252Cauto%2520topup%252Ccigarettes%252Cconvenience%2520store%252Ccat%253Asingapore%26infinitescroll%3Dfalse%26pagetype%3Darticlepage&sc=1&cookie_enabled=1&abxe=1&dt=1658221158940&lmt=1658220878&dlt=1658221156222&idt=1387&adxs=156%2C156&adys=212%2C169&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&frm=20&vis=1&psz=1288x0%7C1288x0&msz=1288x0%7C1288x0&fws=4%2C4&ohw=1288%2C1600&ga_vid=1613911154.1658221158&ga_sid=1658221159&ga_hid=1148382323&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

bd82c3dd37ea461599d649dbff95c3502132bed1666cbcadb60c02e723d14f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12880
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.todayonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d2adcf6220ab52475f2bdd485c23788e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CE33 6 KB
4 KB 97ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2adcf6220ab52475f2bdd485c23788e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 08:59:19 GMT
expires: Wed, 19 Jul 2023 08:59:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 id Show response
sg2-s2s.sensic.net/ 0
75 B 38ms
8ms XHR
text/plain 52.28.131.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sg2-s2s.sensic.net/id
Requested by: Host: sg-config.sensic.net
URL: https://sg-config.sensic.net/s2s-web.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.131.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-131-180.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 19 Jul 2022 08:59:19 GMT
server: nginx/1.14.1

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 50ms
7ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MEDIACORP_HEADER1&hp=1&wf=1&ra=5&sgs=6&vb=2&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1658221157264&de=217048726556&rx=396171225113&m=0&ar=1cb0373166b-clean&iw=8c08eb9&q=2&cb=0&cu=1658221157264&ll=2&lm=0&ln=0&em=0&en=0&d=todayonline.com%3AMan%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%3A__page__%3A-&zMoatAU=-&zMoatPS=-&zGSRC=1&gu=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=mediacorpheader458604908711&fd=1&ac=1&it=500&pe=1%3A1557%3A1594%3A0%3A2351&fs=199410&na=1300469581&cs=0
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 19 Jul 2022 08:59:19 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 45ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: W2S5A87EG1C89ADE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by: cache-hhn4060-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1658221159.197298,VS0,VE0
date: Tue, 19 Jul 2022 08:59:19 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7109

GET
H2 200 RC595109a5dff248c494ce609a64e5ba93-source.min.js Show response
assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/ 2 KB
1 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/67ebbf171926/RC595109a5dff248c494ce609a64e5ba93-source.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: aa309188206dc6a8fac3f2864b399e3fa9136e36d2ddc15fef88a555caa8dbdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 09:52:43 GMT
server: AkamaiNetStorage
etag: "c8c4a86ff5045202218f1f675822468b:1656582763.175785"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.todayonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 796
expires: Tue, 19 Jul 2022 09:59:19 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 46ms
29ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1146a24ed973a18058fe9838e3736afdfd3173f04d3f4365b46e962d57799816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 08:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11133
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
recommend-zoom.mediacorp.sg/ 43 B
849 B 170ms
169ms Image
image/gif 45.60.34.205
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recommend-zoom.mediacorp.sg/pixel.gif?event_type=impression&site=tdy&page_session_id=0acf356d-7ac4-4dde-93fc-ed2cfe777d20-1658221157623&meid=8581d8ce-9b27-45f2-b020-f7940da27686&widget_id=ZTh7fJsBrNj&is_webview=false&request_id=993c4c1e-4c08-4dfc-a7f2-de3c96e7997a&abtesting_id=gyw7t1oLIA&targeted=true&tags=project%3A%3AONECMS%2Cplatform%3A%3AWeb%2Cpage%3A%3AArticle%20Detail%20Page%2Cothers%3A%3ABackfill_Trn_6hrs&content_id=1946976&url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&referrer=&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&date=1658221159180&response_time=951&recs=tdy-1945221%7Ccbf%7C%7C%7CSlot%20Group%201%2Ctdy-1946316%7Ccbf%7C%7C%7CSlot%20Group%201%2Ctdy-1942796%7Ccbf%7C%7C%7CSlot%20Group%201%2Ctdy-1943781%7Ccbf%7C%7C%7CSlot%20Group%201

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.205 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:19 GMT
Vary: Origin
Last-Modified: Thu, 10 Sep 2020 04:10:05 GMT
Server: nginx/1.22.0
X-Powered-By: Express
ETag: W/"2b-1747634ca7d"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: image/gif
X-Iinfo: 3-238389951-238389966 2NNN RT(1658221156420 2185) q(0 0 0 -1) r(1 1) U2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-CDN: Imperva
request-context: appId=cid-v1:96d7c721-495d-4e1e-8dc5-2c8f092f6ac2

GET
H2 200 20220715_am_br-deliveryriders_2.jpg
onecms-res.cloudinary.com/image/upload/s--vfUup4PY--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2022/07/15/ 111 KB
111 KB 11ms
8ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/s--vfUup4PY--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2022/07/15/20220715_am_br-deliveryriders_2.jpg?itok=gQFwBYgv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f9d415e9ad97002940ffe73de82385314a9048bfb01fde96a73fa1026065cf9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jul 2022 15:46:26 GMT
server: Cloudinary
etag: "8c41398c28e111b808ec73a44e200c3a"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;cpu=0;start=2022-07-19T08:59:19.200Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 113317

GET
H2 200 1_ben_yeo_steamboat_0.jpg
onecms-res.cloudinary.com/image/upload/s--8aaMhtl---/f_auto%2Cq_auto/v1/one-cms/core/ 235 KB
235 KB 15ms
13ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/s--8aaMhtl---/f_auto%2Cq_auto/v1/one-cms/core/1_ben_yeo_steamboat_0.jpg?itok=J8rAqVaA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

18c7487487e8507fd86e58119ac15dcb341eaf8dd2fda9b3cfb3eb8c05f59c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 Jul 2022 03:36:33 GMT
server: Cloudinary
etag: "837ad8685771ff7c8b5656b7ff6dcb82"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=0;start=2022-07-19T08:59:19.201Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 240444

GET
H2 200 photocollage_20220713_184106456.jpg
onecms-res.cloudinary.com/image/upload/s--Mq-TIGLB--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2022/07/13/ 190 KB
191 KB 13ms
12ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/s--Mq-TIGLB--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2022/07/13/photocollage_20220713_184106456.jpg?itok=1STd7w-F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9eada8eb086ca79994b8808f245ff8d88b5fff16bbafcd214cd6f4031aa4b043

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 11:37:28 GMT
server: Cloudinary
etag: "d8c6617bd75fdd74a2490d12831ac1bb"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=0;start=2022-07-19T08:59:19.200Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 194843

GET
H2 200 20220714_pixabay_alcohol_0.jpg
onecms-res.cloudinary.com/image/upload/s--5Sm5_oJe--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2022/07/14/ 372 KB
373 KB 14ms
13ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onecms-res.cloudinary.com/image/upload/s--5Sm5_oJe--/f_auto%2Cq_auto/v1/mediacorp/tdy/image/2022/07/14/20220714_pixabay_alcohol_0.jpg?itok=nbYpG5P9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3e53cdd9c20fbf8ef1286890a3e762665173610c55565ce8e9a348c6f81d003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jul 2022 09:07:02 GMT
server: Cloudinary
etag: "9f61ae357620e04cf800270ad75f78de"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=0;start=2022-07-19T08:59:19.201Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 381339

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 14ms
8ms Script
application/x-javascript 2600:9000:2240:7800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:48:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:40:38 GMT
server: nginx
age: 4255
etag: W/"62b51616-9200"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: TO9iItHiNjwrU-BpTmr4FS4Kb6xodbxLq0-oC5NLZyB4rH-oHnPl5g==
expires: Tue, 19 Jul 2022 09:48:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
7ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&sgs=6&vb=2&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.todayonline.com%2F%2Fsingapore%2F-&i=MEDIACORP_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CM%24%3D!!tTm7jgBufxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wD%2FqAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-X1mOVythgEwLgg%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1658221157264&de=217048726556&rx=396171225113&cu=1658221157264&m=1887&ar=1cb0373166b-clean&iw=8c08eb9&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5261&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1557%3A1594%3A0%3A2351&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=todayonline.com%3AMan%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends%3A__page__%3A-&bo=undefined&bd=undefined&gw=mediacorpheader458604908711&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAU=-&zMoatPS=-&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=199410&na=952761118&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 19 Jul 2022 08:59:19 GMT

GET
H/1.1 200
OK NRBR-1426361f77835025262 Show response
bam.nr-data.net/1/ 49 B
725 B 186ms
147ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRBR-1426361f77835025262?a=1184812251&v=1216.487a282&to=ZVVSMUVQD0JWBUFQX1wfcQZDWA5fGCJHTEBTXGwLWFUEbXQJW01CXVxcAEVtL15TA2NQVUVzXwtDQw5dWwNHFA5EWVUS&rst=3795&ck=1&ref=https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976&ap=864&be=814&fe=3723&dc=2354&perf=%7B%22timing%22:%7B%22of%22:1658221155432,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:55,%22c%22:55,%22s%22:61,%22ce%22:70,%22rq%22:70,%22rp%22:787,%22rpe%22:800,%22dl%22:790,%22di%22:2351,%22ds%22:2352,%22de%22:2408,%22dc%22:3703,%22l%22:3722,%22le%22:3732%7D,%22navigation%22:%7B%7D%7D&fp=1557&fcp=1593&at=SRJRRw1KHEw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90522e514d855ed21b6ee0407461445cc6b8b64ff2337a20f073d7e965a98204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 08:59:19 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 72d242a57ed49b1f-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 48ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 08:59:19 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 301ms
95ms Image
image/gif 34.207.38.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=todayonline.com&p=%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976&u=H7TGHDV8c37D0FWJS&d=todayonline.com&g=60425&g0=singapore&g1=youjin.low&n=1&f=00001&c=0&x=0&m=0&y=5261&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3722&t=HIuSRBwV8iMTmGbXBmRhOkDd7XJC&V=135&i=Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20f&tz=0&sn=1&sv=346onCX4D_1BOnzbqWzvqLDfOtuK&sd=1&im=067b0ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.38.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-38-202.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:19 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35BC 13 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:31:08 GMT
expires: Wed, 19 Jul 2023 07:31:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA36 783 B
536 B 49ms
27ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c91795952804df9c91bc061fda902fa225074a16b7b86c67445b7929e4d5b1c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YZD5R0-VHPP22iuxqNcjAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.todayonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YZD5R0-VHPP22iuxqNcjAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 08:59:19 GMT
expires: Tue, 19 Jul 2022 08:59:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame 35BC 35 KB
13 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 22:39:08 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame DA36 0
0

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
96 B 417ms
195ms XHR
text/plain 3.214.236.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.214.236.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-236-239.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.todayonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 19 Jul 2022 08:59:19 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207071723000/ 220 KB
61 KB 53ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/amp4ads-v0.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 57931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61513
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a40ea3ab2445e497"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 14 KB
5 KB 70ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 57931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5205
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ecf6d7700179f984"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 94 KB
28 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-analytics-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28819
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 23:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ca8eecb6dce4cd9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 23:08:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 5 KB
2 KB 74ms
32ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-fit-text-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 57931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1910
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4aeabff663ac872e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:48 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 40 KB
13 KB 75ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-form-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 57931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "10eeb975567515a5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 58ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:23:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Jul 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Jul 2022 08:59:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
694 B 59ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/2b21528e-ff2c-4ddc-bf3e-aa6b3ba8d6fb/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 07:50:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Jul 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Jul 2022 08:59:19 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
2 KB 10ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 09:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 83444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 19 Jul 2022 09:48:35 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
319 B 11ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 83057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 19 Jul 2022 09:55:02 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17896714823974455591/ 8 KB
8 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17896714823974455591/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIrAEQWhgBIAEtAAAAPzCsAThaRQAAgD8&rs=AOga4qkGfN25EPePsxQxCqK1eVPmX-JJVw

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7d7caf50c23051364ed90b3110d1cde35c50dac1fd062788e5558abeb7ca200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 14:22:26 GMT
x-content-type-options: nosniff
age: 153413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8075
x-xss-protection: 0
last-modified: Wed, 26 Aug 2020 18:57:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Jul 2023 14:22:26 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13949630039595074571/ 16 KB
17 KB 29ms
27ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13949630039595074571/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qlf-6jtzwhaZxieQ0uMYB8pZ6n_Ww

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d395f1d7b9526373af1bd107d3d973b17eb1be00fc9c67e5e6237aeabf4e60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 06:48:05 GMT
x-content-type-options: nosniff
age: 526274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16879
x-xss-protection: 0
last-modified: Fri, 06 Sep 2019 19:31:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Jul 2023 06:48:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 56ms
54ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9eWOZnLWYvnZPKih9u8PgdSpiAXb7LKSa_ndpJbYDLSfo6L3HhABINXvmx5glYKQgqAHoAGU1u7VA8gBBuACAKgDAcgDCqoEsQJP0AvgfPvvnt2f2RZKe3ByWfryMfk25LanGEcM5fzKJC85aI8kTWEHAsAvO3a6FAjdPRTEiGm-iOaZftxA1HAK8X5oQ5JUksFFL0eytpC1fFg4rf3AzYcfITs9lY_RKhQmHoN5ViVUW9REj1-LzYmpk1S8lcBLuEQaz3lHbPvJ7cBYmjekuWnTvaKXZsa-VZAjuH4pQgtzqgaAGpNE0lUQ8OvC8EIYJl-ZHesdfoOBPndkzFjIZk5xkqBcmqPz6C5Ibkn1Xw1jI_o1p9tWZ_3RE8IovhNQU4V-qlEeU2dAzpNoXtBLj-GcguAkxtLgQ6ORAd-0yUNrZ8iGSGYcjwtl511CnVbWl-ExckJ-gAN_TbryqTN97NsiIDo6kCh3cECKGUyD1M35mPEA3OQHz9xAO8AEk5-347UD4AQBkgUECAQYAZIFBAgFGASgBjeAB9SpkSqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCN_wrSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDIgUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05Mjg2ODUxMzQ4OTA0NTgzGNz1EQ&sigh=I6ZXMWzez5I&uach_m=[UACH]&template_id=492
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3

200

B25164142.293005038;dc_pre=CLf5tZnLhPkCFXEp4AodpYAGjg;dc_trk_aid=486096674;dc_trk_cid=142447246;ord=3775430951;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005038;dc_trk_aid=486096674;dc_trk_cid=142447246;ord=3775430951;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005038;dc_pre=CLf5tZnLhPkCFXEp4AodpYAGjg;dc_trk_aid=486096674;dc_trk_cid=142447246;ord=3775430951;dc_lat=;dc_rdi...

43 B
64 B

43ms
26ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005038;dc_pre=CLf5tZnLhPkCFXEp4AodpYAGjg;dc_trk_aid=486096674;dc_trk_cid=142447246;ord=3775430951;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005038;dc_pre=CLf5tZnLhPkCFXEp4AodpYAGjg;dc_trk_aid=486096674;dc_trk_cid=142447246;ord=3775430951;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 32ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSR-fs7WfK6WVMxVxOWZMpbBAqbspUAi-vXU5TaSXuvwe9CtnPeloHRIGCOybFHih4ejBFx
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb7083b104ad7bc9261064ea00804840bb42ba5c98aa391f962cab4ab2787fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 40ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 49884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 41ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.todayonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 72194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 12:56:05 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1148382323&t=pageview&_s=1&dl=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1613911154.1658221158&tid=UA-55184547-4&_gid=500539463.1658221158&gtm=2wg7i05MNRC5V&z=1754434767

Requested by

Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 23:08:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35443
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

70ms
53ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.todayonline.com
URL: https://www.todayonline.com/singapore/exploit-ez-link-card-auto-top-buy-cigarettes-1946976?fbclid=IwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Protocol: H3
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date: Tue, 19 Jul 2022 08:59:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1382494/log/3/ 0
250 B 98ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1382494/log/3/unip?en=pre_d_eng_tb&tos=1585&scd=22&ssd=1&est=1658221158385&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1658221159971&vi=1658221158383&ri=1d34a3ccb34f82d466ea5562787abce7&ref=null&cv=20220714-28-RELEASE&item-url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1382494/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.todayonline.com
pragma: no-cache
date: Tue, 19 Jul 2022 08:59:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkNG-oXJ0fd9qQzDR4ahPwI5HLWCuqlYuV4oFe0bRuw52_-bEjjtEdR5HjrdiAEDLeFT3VN4WA0A_yf-TGABDCeTduznupJH9D_h_XYwueX2Hi4RamoV0mxBoga80ZMCLKxoHSAcJ5-IMBgQSkEkqoCqiU4csoht_IY5bfnmQTFw0Rj1bUyDT6Bzb5CMaWo19yExTscCGWcOqLBkXyXVcMm6g9ZFgM5nk4ongkPc2bFCJt_bxKOiBqjlhET8kfMHQU3r181szWX14obh1XyZtP-NBovd4hcbCmlKEK1VKgNhdvRh5DhYup2Jn0IujTv6wIwMswtPk0PKvfvy7GcYXxPeLvzT8N3tw2EWFJGuanTaq5wwCO31K4OBQMLq3mGzYb0bDrkum5thHu7gHarxOeLfLR03y_rsBNDeQrhOV6UQ2mFONfZL3ixUDE3Kipw9UtLPYkgnkHr-l5i-O_GdEFayPU1Ki2b_SI3CTNbVZc98nREXRRmK1pZqAu_l8fS6M18fOhqM6p4vNEPnCR2HIDGveaPFVbr5DLDIzQjk_8CxEDbgoaujBUdlUZACqcZwNop6obNpHxa_UEKK99BSBTfOeBmefooP4cyWyCF2Ty3PuXAMBvEgHsn6PwpFTLXrGflPb6dapSbgiQSl-ZclmJ4EJspIvrXljmin7rodzo4lJOfE-7fFjavJuV2YQV8zEw3BqC81lBuYzSc8m_YqqlsZsJjDXw-a4YwPXjQri8JHG7ddLTgGe6UDH4DgpMYIsQJ4shEWwEMMLmODqllzAzXjw02YGVq9Q31gD8E1Obr6Hn8T7x9P1Rzo6jCZS3joFxGkQ3o_nzpd65x-5Aa85Hqseh-p2PKbEN9SKZFoR4YLER0jBEjyuqq0u7Scz8bJV5RrNslyL8_C9frylHNWx8Y0ex4sk12fM_-51cS-_LPMsiH1jgmKppaa7XiUaF2VVmIlQZZW_Et6dN62nAN5LXbDIHqwz61GFcbk26W6b-kFNRcAc5HwtDH85nIYrRGU9f5q7Wl-yVTMvoxwToMu8Y13QQaW6LG47GqeJ-B-_fHYZ7CDU54Wsmuwne_4XCEdH6sKUj5rQ5uDgm0Dssr22bFpLvMUK3Fn3OWpnrxyzflGv4Gu8HYRAPRVq6k2IieGEo0I7R1rYHz-PEQjizeV8KcFQGi-_6OJxeDGFLfo90&sai=AMfl-YQTfM0FiamFg62X5-ua9a3gWtkXJPk6O7TEs36BmzfHVZAKsVw0grokJz-6heLDIlc6VGO4GWhs3xmwmUcOtmeU7fWurhjAEAXyJA9xxZ0nCQ1dfO2hA3UnvtMNGsN_7CbDWVrke19qaQ&sig=Cg0ArKJSzJxo2ZxYWhBbEAE&cid=CAASUORoBpNbVWbjwYgfwkyLEK50mLYPP5KTi7X582YJsNBeq8t-Bln1u1wXNeIFq3OTHCWWFWLGB-dOL0jgKUUDDZqT_V6_sX81_QQzq0wk76J4&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=4344&tls=5344&g=100&h=100&tt=5345&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=685191664

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 08:59:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 49ms
13ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:59:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 unip Show response
trc-events.taboola.com/1382494/log/3/ 0
249 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1382494/log/3/unip?en=pre_d_eng_tb&tos=4586&scd=22&ssd=1&est=1658221158385&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1658221162972&vi=1658221158383&ri=1d34a3ccb34f82d466ea5562787abce7&ref=null&cv=20220714-28-RELEASE&item-url=https%3A%2F%2Fwww.todayonline.com%2Fsingapore%2Fexploit-ez-link-card-auto-top-buy-cigarettes-1946976%3Ffbclid%3DIwAR1Y8xdaK9sNXXmhflu-RHczQ9QbgUmjqNumPb0R4Ej3aoCGGDncadaWjnU
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1382494/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.todayonline.com
pragma: no-cache
date: Tue, 19 Jul 2022 08:59:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071401&jk=2953421284751575&rc=

Verdicts & Comments Add Verdict or Comment

401 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
collector.effectivemeasure.net/beacon	1970-01-20 13:15:25	Name: c3 Value: 1
collector.effectivemeasure.net/beacon	1970-01-20 13:15:25	Name: gc Value: DE
collector.effectivemeasure.net/beacon	1970-01-20 13:15:25	Name: mb Value: 0
collector.effectivemeasure.net/beacon	1970-01-20 13:15:25	Name: dmp Value: 1658221158668
www.todayonline.com/	1970-01-20 13:22:03	Name: visid_incap_867149 Value: 0pyMK15BQN6WYedt4qUt02Ny1mIAAAAAQUIPAAAAAAA+Q1QAMlXiCCvETBmh3lFY
www.todayonline.com/	1969-12-31 23:59:59	Name: nlbi_867149 Value: CbOiaqI6UD6P1NGA2FcBHgAAAACawrn4r7m+fi98X50bQiUL
www.todayonline.com/	1969-12-31 23:59:59	Name: incap_ses_728_867149 Value: O/ZrSMc5FSB8SJExPmAaCmNy1mIAAAAA4K+lse2t4JsX8hnMdzIOvg==
.todayonline.com/	1970-01-20 13:22:37	Name: UID Value: 8581d8ce-9b27-45f2-b020-f7940da27686
www.todayonline.com/	1970-01-20 13:22:37	Name: UID Value: 8581d8ce-9b27-45f2-b020-f7940da27686
.todayonline.com/	1969-12-31 23:59:59	Name: cX_S Value: l5ry29h5yzhtsq20
.todayonline.com/	1970-01-20 13:22:37	Name: cX_P Value: l5ry29h757t6wyk2
www.todayonline.com/	1969-12-31 23:59:59	Name: incap_ses_1309_867149 Value: 9MepG1SprgIwM03tIIEqEmRy1mIAAAAAxt4tz8F6JnnwLeesAqcm6w==
.demdex.net/	1970-01-20 08:56:13	Name: demdex Value: 85262433638588269670537047042138685826
.todayonline.com/	1969-12-31 23:59:59	Name: AMCVS_B464317853A9C8390A490D4E%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 13:22:37	Name: everest_g_v2 Value: g_surferid~YtZyZQAAAJGahwMx
.mediacorp.sg/	1970-01-20 13:22:37	Name: UID Value: 8581d8ce-9b27-45f2-b020-f7940da27686
uid.mediacorp.sg/	1970-01-20 13:22:37	Name: UIDPriorityDomain Value: 8581d8ce-9b27-45f2-b020-f7940da27686
.todayonline.com/	1970-01-20 13:22:37	Name: MeID_Seg Value: none
.todayonline.com/	1970-01-20 13:22:37	Name: adtechTargetingKeys Value: none
.dpm.demdex.net/	1970-01-20 08:56:13	Name: dpm Value: 85262433638588269670537047042138685826
www.todayonline.com/	1970-01-20 04:37:01	Name: ___utmvc Value: DAD/ndkyzTnzhkRLdXk6xtEpqdAi0oVzfCCZENzxL49KB3J6tVnSfLq58HBsrR58P80evuYvRsfoyKK4dXyY78Ku64LZ+qnsLnYeMAWFC/aGA+3txeOEPoSlKGYOdHZfst6XlObx4970+rTGL63i3xJOQYVlEsXWtrB3k6nTP5WtesCwmazzKhnVHb2eaqi9bgwm0fR+8i5p1Lk8rfX5jQS19hQW17lMB8NALnDbuRNQBt4ucfFzv4BsC7bHDBjkpcuuHL6NKyVr3MeM+JaLKrgPV38LvPV9SpamATLOcWmYACORRgU2yBCXok/96llaLfqNk/ZMxRHacwmJ4qnuFDmInH5SMC2JttweANCjdbUlQXsBk2+6tR0O1EvT2Pg3VHQKWy2ye5S4nCQRfL7rfGF9srClPRcQEE3Qj4yITyWEdqc3OZzESgoVPmL1BJYUhpKtF/fq62T6RwTMxTkLXFkryV+5sBpuEDLDb4DMvgK+czeXw4MFQ/aC7zncGjm6heA/gq9ZpIo+ko63NRj+N9NVBhaOD6p+W+FmzGcviXDHgtfCxaRaVDWKd5y86EIM3PI0oLCm/0gveDbbGLHAaTICChR5RsAhZG0QkNB8H9h/Q2YEcnv2V+hWVUnjYfjSYa7PCZ40CEV0IDyYRWDIDxfMY7WzNmYmCXbMpz0p1pJOjQa44msDhBQb+J+FnR6wHpsU2YKBWePgJ4hx9hQgw0goNNHbIG35AJk1QbJkbutpq6SdoHNGbZYF8M2JNY3X8oMqSJWK5tGZ2Rlzu7BRzULFPaWlvR3ewXIcSsSmrgOX6NP2lMkGjM0hx+AdbIcOLhKLOeKBQHi6LQH4lr24rvVggxH3eCUOl+Ccg3lwwIJnE5TUX7gMmeV6lkMunSNBI4QYl8fZBa4txM2aGwatTfZ3irJncrfQxmvXArCx87RLiRa5NWU02/CL72oO4LtEWuA/z4itQLNWbyiu0DF5k3xqpGZY0vQKArsR+Iyiam4DI8FXZuPOvn1/GQBDeKM8dkdg+fkV1W63fgyfw27FxBIj4VFWDgivBYKeJXFDJOPd/ae6x0CVVpqmB0jU2vRRBVuvD97t8zyYORaquIf8IIvM/GHMGDH2AV1pNKlbaYtim9iptORiZw/7uY3biKyAwoNZyPij50sYyLnrfctW8oxFRKN0+fEY/bIyyS3EsLspEMtEov6FdpluWjT1cgI/YJxUJDJkiL34PrkESQ/1iB9c65Sy1BHrKVIfFXGDl0SjayPU7FSlwgNSWkVNOdezT7Gdwuf50zIQEzX4watDhVTb72rWzP2b4z45Yy+UtAFhCsWPqCUM+BSOSImfTpkuqT+mMCmWXCcoArNb0OtmLTZJmsqf2iTB8uyfwNRt5ckrg1C1NJJeelXfVpSVTvoZS/19fPfUGiDKDZUedMAC8FtLwGkTzZuzY2y0TQ+N5ZIx7SkaDDQgivQRTEuf0YIH9xLxqxCTSWQ5+KBY62UVj1x9a2giWr8e8kZxlOV1DB8F0nJxq/PX3q5vD960T8a3V40PKpAcEx0A3Gs+GkDNrHE5RSRkuWrgE64Mrgi1wHHjI0gsUZcR5VMU8hGeSMNqFNC//uNgS00LcYWvvaulwfoG0QmBdH9rRMEi71r9EB/zgjsMAaVl5uYPt56Cqc5A7Rcg92DCCF6Xor+3YggVZMGedumpHq9Mwdp34YlG+3vfgCKGaoTh0a8mQXtOeNzZybmjGStQXXUl9jIOfYSB9txUrem5SMTwJH0SFfDkQzMkl13osEuzVStTmJzHxTQiOCOkaCCPDUvxW9StPUggL0PzjeCLKDWiJpzMpdQDLGw+Uw3fCR6mlNen1w3Pjdf2ZyF1HjxUuNMzGZw3nb240Kg7NYM/0p394HfWiqgHYKidEKvcavR8yHFFNxY0knq5czvNYmZ01mg9kH5oA8kRLMdJTkigLg2gLTxyoc2Hh3lxsUagCWQZ8x4bY46nkSGYrhhzjP6WOl/rVpmt1B99qjb+iw+K4f5kZ3E5jlB8AcOxwZCaTRPRp/EfQeUiF2Bgb9SpUwDbooXN68aAvnPnNlCLuVnZUs03icaDukFv6MfrHcezbZY8tDvCJ7KQub6Zvx4/J1A3yuKqiZlBEx/qrXEd2HGpJ7Rv4ijzsw1NA4Xw0hFYii38d7d4Cg2BY7uNsLvsLSQjl0iUpE8TUDvoguggUtGiXtSCjokrc1LLsUmCEiJOaJzcAeNprDIYtuZVZZPT39rm22/OeStVioyDswGZxMTiJxMhAEvOI4FUDWAfL8gX7gzxPuawoe/MJhRKDGvaQgSkfMEQFa/OsMgif2xipwwXhmRKcnvzDqJ1B/j3DrmAxNUyL5/ygsjcOqfZ7dYB9YB12Ts6NbEj8YKcpY2Q4Pp8D7U+5QW6hEfaU4QrmixJdR2i+k0ssMmj78Ffy8svBHF2/qvcbjUlY6eJjv6tbTQF6pqMcvYtmNqffnswBNNB9Y25BbZOH2qWfF7Lz5EcK5StWzWOs1yte483be1Dfgd+lFTCAc65owJxUgS3hbS6BZsjsXvTsKnXdwaA8raND/27suADL+v5LP94RUtQiMaCOmZ6byXFkUMABjKRM+BZpz1Q2qm+h5v0z21KXha+uT19+jym/XXzAcIpDVtIRkXXlbWF3CfyI51fokuM6U3zZNb7akvOQdyzIN2BLGRpZ2VzdD0xODM4ODYsMTg0MTA5LHM9YWI5YmFjYTI4MTdkN2ZhMDg3YWQ5NWE4Njk2MDkwODE3MTY4N2I5ODlmNzA4YTdmNzVhZGEzODE4NGE3OGNhMjgxODBiMmFiODhhNzc2NmU=
www.todayonline.com/	1969-12-31 23:59:59	Name: incap_ses_536_867149 Value: WTHWe0aWFhge05+f10FwB2Vy1mIAAAAA8VzbZkTudrloWi251UnLRg==
.cxense.com/	1970-01-20 13:22:37	Name: gckp Value: cx:1egkx3u3uzzm21p7cflah5b9t:7w0rgwzqbncp
.todayonline.com/	1970-01-20 22:09:39	Name: AMCV_B464317853A9C8390A490D4E%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19193%7CMCMID%7C91367789870297912791147547428323689850%7CMCAAMLH-1658825957%7C6%7CMCAAMB-1658825957%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1658228357s%7CNONE%7CMCSYNCSOP%7C411-19200%7CvVersion%7C5.2.0
.imrworldwide.com/	1970-01-20 13:58:37	Name: IMRID Value: 125c2210-0741-11ed-a585-4768977b0171
.todayonline.com/	1970-01-20 06:46:37	Name: _gcl_au Value: 1.1.752422796.1658221158
.todayonline.com/	1970-01-20 13:22:37	Name: cX_G Value: cx%3A1egkx3u3uzzm21p7cflah5b9t%3A7w0rgwzqbncp
.todayonline.com/	1970-01-20 04:37:01	Name: lotame_domain_check Value: todayonline.com
.todayonline.com/	1970-01-20 13:22:37	Name: _hjSessionUser_2822227 Value: eyJpZCI6IjBmNDQyNDY2LTI1NmEtNWZhYi1iOWIzLTcyODE4MTk0YmI5NiIsImNyZWF0ZWQiOjE2NTgyMjExNTc3MjIsImV4aXN0aW5nIjpmYWxzZX0=
.todayonline.com/	1970-01-20 04:37:02	Name: _hjFirstSeen Value: 1
www.todayonline.com/	1970-01-20 04:37:01	Name: _hjIncludedInSessionSample Value: 0
.todayonline.com/	1970-01-20 04:37:02	Name: _hjSession_2822227 Value: eyJpZCI6ImNjZjY5YWU2LWQ4MDItNDZiYS1hZjcxLTMyNDljZGM3MWU5YSIsImNyZWF0ZWQiOjE2NTgyMjExNTgzMzksImluU2FtcGxlIjpmYWxzZX0=
.todayonline.com/	1970-01-20 04:37:02	Name: _hjAbsoluteSessionInProgress Value: 1
collector.effectivemeasure.net/	1970-01-20 13:15:25	Name: vt Value: 0d596b3e-ada1-49d8-bcc3-e292c8ce9de1-18215aedfdb-b4d9e815
.todayonline.com/	1970-01-20 22:08:13	Name: _ga Value: GA1.2.1613911154.1658221158
.todayonline.com/	1970-01-20 04:38:27	Name: _gid Value: GA1.2.500539463.1658221158
.todayonline.com/	1970-01-20 04:37:01	Name: _gat_UA-55184547-4 Value: 1
www.todayonline.com/	1969-12-31 23:59:59	Name: LUID Value: null
www.todayonline.com/	1969-12-31 23:59:59	Name: lotameid Value:
.sg-config.sensic.net/	1970-01-20 22:08:13	Name: sui Value: %7B%22id%22%3A%22D89E089A522BC70DCD41F83FB75B135F0C2BBD3C184B8E789228B022%22%2C%22cd%22%3A1658221158%2C%22lt%22%3A1721293158%2C%22t%22%3A%22s2s-w%22%2C%22apps%22%3A%7B%22SuiGen%22%3A%222.5.4%22%2C%22VMS%22%3A%222.0.9%22%7D%7D
.todayonline.com/	1970-01-20 13:15:25	Name: _em_vt Value: 0d596b3e-ada1-49d8-bcc3-e292c8ce9de1-18215aedfdb-b4d9e815
.todayonline.com/	1970-01-20 04:37:02	Name: _em_c3 Value: 1
.todayonline.com/	1970-01-20 04:37:02	Name: _em_vi Value: 99db997a-fbad-4256-89b7-edc3ebc5b8f3-18215aee06c-13bfac0a
.todayonline.com/	1970-01-20 04:37:02	Name: _em_lt Value: 1658221158508
.todayonline.com/	1970-01-20 04:37:02	Name: _em_ft Value: 1658221158508
.todayonline.com/	1970-01-20 04:37:02	Name: _em_pc Value: 1
.linkedin.com/	1970-01-20 05:20:13	Name: UserMatchHistory Value: AQLVyIR-eiMaugAAAYIVruBN3B9yaw76KdaEfT776hVy39AgHK6j2PlcX5aaNzEfs-JyZ1R4Xki4aA
.linkedin.com/	1970-01-20 05:20:13	Name: AnalyticsSyncHistory Value: AQI8V6ZkhVYHUAAAAYIVruBNqyspji8HMoaxzaH0xwAlCRnL291mFzBMt221Wfh4KNh2b6JSX09suAw57BKzjw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:08:55	Name: bcookie Value: "v=2&ecd37edd-1629-455e-8d6e-ff8a1f3dd17e"
.linkedin.com/	1970-01-20 04:38:27	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2529:u=1:x=1:i=1658221158:t=1658307558:v=2:sig=AQGBRO6YLnCe8Z0FXPUVTCRlO2Vlx7xL"
www.todayonline.com/	1970-01-20 22:08:13	Name: sui_1pc Value: 16582211586092932B894D5B0DCB6D8C8E381734BA375D5D1A0DD700
.todayonline.com/	1970-01-20 13:15:25	Name: _em_gc Value: DE
.todayonline.com/	1970-01-20 13:15:25	Name: _em_mb Value: 0
.sensic.net/	1970-01-20 22:08:13	Name: sui_3pc Value: 16582211586161D98A3AF1EA1FE0A7B53AFFC24C9F5E18274C146873
.todayonline.com/	1970-01-20 05:20:13	Name: s_nr Value: 1658221158647-New
.todayonline.com/	1970-01-20 04:37:02	Name: gpv_v9 Value: sg%3Atoday%3Aonline%3Asingapore%3A20220718%3A1946976_Man%20exploited%20EZ-Link%20card%20auto%20top-up%20function%20to%20buy%20at%20least%20S%24109%2C990%20worth%20of%20cigarettes%20with%20friends
.todayonline.com/	1970-01-20 13:15:25	Name: _em_dmp Value: 1658221158668
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 22:08:55	Name: bscookie Value: "v=1&202207190859189ad2cb4b-71de-467e-830a-c94484e79bffAQGb_s67o_JJGvAaDHz0lJnQ3YFpnv9E"
.linkedin.com/	1970-01-20 22:05:25	Name: li_gc Value: MTswOzE2NTgyMjExNTg7MjswMjGaiCedRROp3mkjJwmz9hGw8CYjJrakgak2I/7dC2mmTw==
.todayonline.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.todayonline.com/	1970-01-20 04:37:02	Name: _em_scf Value: []
.todayonline.com/	1969-12-31 23:59:59	Name: s_ppvl Value: sg%253Atoday%253Aonline%253Asingapore%253A20220718%253A1946976_Man%2520exploited%2520EZ-Link%2520card%2520auto%2520top-up%2520function%2520to%2520buy%2520at%2520least%2520S%2524109%252C990%2520worth%2520of%2520cigarettes%2520with%2520friends%2C23%2C23%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.todayonline.com/	1970-01-20 14:05:49	Name: _cb Value: H7TGHDV8c37D0FWJS
.todayonline.com/	1970-01-20 14:05:49	Name: _chartbeat2 Value: .1658221159265.1658221159265.1.346onCX4D_1BOnzbqWzvqLDfOtuK.1
.todayonline.com/	1970-01-20 04:37:02	Name: _cb_svref Value: null
.doubleclick.net/	1970-01-20 13:58:37	Name: IDE Value: AHWqTUlRmjVHC2mwOwePBPRlP2NrGI8BtZfpDQklEJ8WTl-7dxvP9YPAyDKDkmTzb4w
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: ef49a97c58a9b111
.todayonline.com/	1970-01-20 13:58:37	Name: __gads Value: ID=b8562ec33a2586a4:T=1658221158:S=ALNI_Mbxox413OJI-bvEO-itPf91RbjNrw
.todayonline.com/	1969-12-31 23:59:59	Name: s_ppv Value: sg%253Atoday%253Aonline%253Asingapore%253A20220718%253A1946976_Man%2520exploited%2520EZ-Link%2520card%2520auto%2520top-up%2520function%2520to%2520buy%2520at%2520least%2520S%2524109%252C990%2520worth%2520of%2520cigarettes%2520with%2520friends%2C100%2C23%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.doubleclick.net/	1970-01-20 04:37:04	Name: DSID Value: NO_DATA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://uid.mediacorp.sg/api/scripts/meid.js?network=mediacorp, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://uid.mediacorp.sg/api/scripts/meid.js?network=mediacorp, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.cxense.com/cx.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/2926360f3839/5e924aba9162/launch-d80aafbf8ff2.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure-sg.imrworldwide.com/v60.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1658221157557eeb6cb95f35bd3d01dc633148bc66305157392122f8.tmptrk.sensic.net
a.teads.tv
ad.doubleclick.net
adservice.google.com
adservice.google.de
assets.adobedtm.com
bam.nr-data.net
bcp.crwdcntrl.net
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.cxense.com
cdn.embed.ly
cdn.taboola.com
cm.everesttech.net
collector.brandmetrics.com
collector.effectivemeasure.net
comcluster.cxense.com
d2adcf6220ab52475f2bdd485c23788e.safeframe.googlesyndication.com
d89e089a522bc70dcd41f83fb75b135f0c2bbd3c184b8e789228b022.trk.sensic.net
detect-survey.effectivemeasure.net
dpm.demdex.net
eb2.3lift.com
fc-id.sensic.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
gw.geoedge.be
ib.adnxs.com
id.cxense.com
images.outbrainimg.com
js-agent.newrelic.com
mab.chartbeat.com
maxcdn.bootstrapcdn.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mediacorp.demdex.net
mediacorp.gscontxt.net
mediacorp.sc.omtrdc.net
odb.outbrain.com
onecms-res.cloudinary.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
recommend-zoom.mediacorp.sg
rt.mediacorp.sg
rumcdn.geoedge.be
sb.scorecardresearch.com
script.hotjar.com
search.spotxchange.com
secure-sg.imrworldwide.com
securepubads.g.doubleclick.net
sg-config.sensic.net
sg-ssl.effectivemeasure.net
sg2-s2s.sensic.net
snap.licdn.com
static.addtoany.com
static.chartbeat.com
static.hotjar.com
survey.effectivemeasure.net
t.effectivemeasure.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
uid.mediacorp.sg
vars.hotjar.com
vc.hotjar.io
websdk.appsflyer.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.todayonline.com
z.moatads.com
pagead2.googlesyndication.com
104.16.89.50
108.138.7.127
108.138.7.56
108.138.7.79
13.107.42.14
13.32.121.17
132.145.232.67
141.226.228.48
142.250.186.166
142.250.186.66
143.204.89.123
147.75.83.64
15.188.95.229
151.101.14.132
151.101.193.44
151.101.194.137
162.247.241.14
172.217.16.130
18.195.84.169
18.66.112.82
18.66.139.84
185.94.180.123
20.50.2.28
2001:4860:4802:36::178
213.19.147.43
23.35.229.56
23.35.237.151
23.35.237.86
23.75.234.137
2600:9000:206f:5800:1f:612c:5a80:93a1
2600:9000:223c:ac00:16:a1f8:76c0:93a1
2600:9000:223f:2000:b:3c99:a880:93a1
2600:9000:2240:7800:18:1fcd:351:7bc1
2600:9000:2315:d200:2:42d9:3100:93a1
2600:9000:2491:9000:4:b37b:9440:93a1
2606:4700:10::6816:47c5
2606:4700:20::681a:79b
2606:4700::6812:bcf
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a02:26f0:3500:11::215:14d5
2a02:26f0:3500:591::1e80
2a02:26f0:480:f::213:7edd
2a02:26f0:6c00:2bf::268b
2a04:4e42::393
2a04:4e42::714
3.127.130.1
3.214.236.239
34.207.38.202
34.241.137.254
35.158.200.114
37.252.173.62
45.60.34.167
45.60.34.205
50.17.194.216
52.16.111.17
52.17.229.209
52.208.103.128
52.212.211.89
52.214.227.32
52.28.131.180
64.202.112.31
65.9.86.94
76.223.111.18
95.101.201.170
99.80.65.197
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140
04ab475a46ecb35532c6f4fd2909e0306eaeae5259ec1f4b18bb545486362a85
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
095d001362b6b1f182d1c2a185989cd2ec93a1db97e6f0eae0d7c2fecccd6cf6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1146a24ed973a18058fe9838e3736afdfd3173f04d3f4365b46e962d57799816
11bff36661fcd1685c78ac5096a8b0fa68190a2b87e25db973e7b717dfb3807c
1209384982b6fc977216d1620663a168854f6f518aa13e3d5af698f0839d0d78
134c41b3aacfa1a4af73a78978f4d7946542b3e50e538d07fdc9d2905e8cd56f
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
158b18b3f595a5bbc9e8ea24d57a6f49654559fed9250a6ca24798e2a9a9b150
172af02b64c148c57c958208e9b33402aac5bb424d29e8648cd76f044dbfdd67
18c7487487e8507fd86e58119ac15dcb341eaf8dd2fda9b3cfb3eb8c05f59c07
1969db37a232a574e060746d7ff39501417f1ec0c29741cbd09990c35210acc9
1b2a4bc108f8c7a970ed09503c8ed59598ac96538f975ff629d8d7cec609a0e3
1d44c70e9b719bf6984e7cbaaf6027d12d05ada6ffdebd0bea9ce018b28b10e5
1da3d09f20fce15112587b50a3cbeb49b536a41dbf3853f4b5e3500bd804c7a8
1df704bcc33c12209d2a228e3b930c80cf60691055b3c8e6991813485e75d0d3
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f61e52ba5983e0eac376d1282eac092b85a0d1360701c633f45dd008730bb11
247101fa26528fd4c0cd689187428f0f9e4be4644f75bbe0d3ae858e33c73f6e
24a517a0eb692e34e7b968f3cd77e37793b208d0118248334e449991b1f7c804
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
280bbf781a90f30d7be755c745f0767af579a8e994f68410e78f234600332480
2c6a714ea36f4ef0e86abf3c4401be564cff0cfca89893422f6441a377d8f8b8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb1d28cc095cd066cb9a7c7787958362f797fe4f9cbfc8ec9106cea0886f7b5
2d6fa3e68803024fe600df245c6013b53c563fb9ab62e6da5c7222d58f356b1b
2df3d0eaa75250573a25ec8944a6c51ef13f211ce4e9599821944603d6aaad4c
2f44c4c0006c2239db8defec6537b0306ed3981369008fc4711bad69fbaf15e1
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ac1ad349d13ce5671690154d9b171de3f75b376e88fc1c1ced32ae18766ad27
3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a
3e53cdd9c20fbf8ef1286890a3e762665173610c55565ce8e9a348c6f81d003c
426731bec79c213a5156e34965be4bdb8a8fd06e7e7328db86a3e7829e825d56
438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4ca9e818583972924dee3d29186df8359d3f06f087b9a557cf5dbdb906bdc1f9
4d4cb2d8b6afe5568c994e1f22bdc34e5ac5ceda6663d7c01a75b61cd9ca474d
4d97d2be62c82acc075fd713971aac9d9118850ebc616930f1ebcda8aa315ec3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5051e0eba5218b6f445a1aa1fd666aee2aa78ffdb615700f2384ea9c17dffeb9
51e28882b6a8817aaff06015a33a6847ed36ca672998495cd8f6f5af17308c76
531fe840c062df3e041b9e1f83af4c4f8f4cfa0f8aee3fa5863140701ae570cc
53379e894b0f363126474a31bbcaece9b21ccc92995ea57b63e0767a72271971
534b55418b02bb803fa566cc6eb5a8590f8be59fedd2bebba103b532a53ac681
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
53dcf59d6b28bbaa214a2e3833ded4560a55f1753c95a84f940e57da87c771ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc
5a6262b78afcd9bc5910c80a2f41c8694688d81832ec558c868551266b485697
5d395f1d7b9526373af1bd107d3d973b17eb1be00fc9c67e5e6237aeabf4e60c
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f91f4a72819f428a65bb0c304a00fbe91b256461e4e76371e775ccae23fb46f
5ffbfed98f361c1cd8962b5535ec923624cb1d4af74fe41862ecf78c9bff878a
602a1df9745f36d45e821a29e4d7ea41660e9ef057016aa7bef44a2d8d18490c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625493faffb5d44848c42066a1d349f14937feeb11cc0a4fd189a9d13fec23e0
63793d0dda6a57cfdf005435a1cbda2052aa34df8fbc277806d2449a5e69908c
63c6f48702c1f320e0e7057da1e5b1b784d7acc77f9b7cc0dc5438c3c5dee11b
655f4b3f263bef7104a61027baee673ec2c0fd13a6a39626c52e96a0bc7759c8
660e00972be81adf871fae54ab5b5e76e45ca79de8c8c3ff8b456153bcca38af
6a360fdf5b5a2044df05234ea747f94c48ec95ab33c45c9248dfe8de0cff71ee
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd077bfe3fc8ee797564a79eb7f424225f767bd8f1f2b219554c9a50e3d3f6c
6ddb6136a28672c71f25498d8c3520831eebefdca7066c8285a9ecddbdb76b4d
6f225156d4b0bb9d797db670ed5117d03c930e7bc999bac0857ada000d1f8d8c
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
717465b056200a9b0317e6f7b8803ed1dc674f35f7aeeba603b6578d917616cf
72e0243171689efe02180f41d8bd813bb9d64f59cb1df14438a37e982ddd6c4f
78c7121a3c3b47ae25e0655fc129ce475d61ba2d455098598f07b766bb86ee77
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a0da58f01d2998a2a6424b1450af44176ea7a8f87f29ef62bb17b0eb4eea017
7b415c864006c59b5c2db54ecc2ceb6b06a06820801f05ad7560f55d14ad6674
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7f2545c233289dd2cbb8564a2269d9f486ef0466608c137f8b5a81cb1bae7fc6
7f85cfefb331522c43705c0899c3664e4f8c6e7c54878a9bd5ee8521ca79133d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81cd505b2518b20084e6078c23b007f6ad8901962e571745d2ef5009fb931f9c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8883f88fe90241bc3578f84ca69c37286eb15f6b1526dd704907566b5f4bc72d
895704d6353fff2f354d763d35ef58adac327a2dcdf24e8f0c55dcf629f94825
89924184310a24e8dbf280e33abb84306b86beb5f55e4dcf9d4ce71f0cf3ed67
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8acbfa7a9755166293bb6a0d575934b48b63d2c47d884eed384a1feef0e23fb0
8db34f1434895d416ea5e7d15da496246297f5703c697725ea7b2326aaf66b3b
8dc96803cb0fafdcf62a1c4d7c2d3b15f30fd4347efa538baf71d3a8fa81cf7e
90522e514d855ed21b6ee0407461445cc6b8b64ff2337a20f073d7e965a98204
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93b62139f9bf264126797cc02d20bc33ce83b8a4c1007273f942af25154c2c79
95edd6c75869dee5f0fb2e756ee6400aee8e60369310df96d36ed3ffc1c9d5d5
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9eada8eb086ca79994b8808f245ff8d88b5fff16bbafcd214cd6f4031aa4b043
9f852190a2a23546002fe6c40588d4266e54daa99eb78838b0c8674309d2fe7b
a0c5bac5cf275b84834e3c69fb63d20aa9595d23ae47c53ac3ab96b7d5271ee4
a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a46edca35b4a1ecdb0eb5f7d788c1d0a86422e6bf4c05e48797c4c3e5b0bb22b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c5fcbd491e7805187e12fa8c501fa18d9bb082adca93d845e392bd27b50870
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa309188206dc6a8fac3f2864b399e3fa9136e36d2ddc15fef88a555caa8dbdc
aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97
ac78f9999d81c54ef439fa5284220e879992f9e068c6c5becf3c91e10dc25562
ae8f1018f77b768854b8f57809073f1ab770184aeddfc44370db3a95da928a53
afeadc6a0bfe9515ceb03ce3b56013ac0896a82ee240a3d5e832c4371dd13e92
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7
b7d7caf50c23051364ed90b3110d1cde35c50dac1fd062788e5558abeb7ca200
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc55ea549cdabf29bceef5a88e7e54f21557c2787f4fd7e84329e7a37f430f2b
bd82c3dd37ea461599d649dbff95c3502132bed1666cbcadb60c02e723d14f93
be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7
bf623aace6c55e4a13f1c03cb7846798e95eba441c53feb74666e670e876396c
c1450f6a0cf9a955960ff9d3dcec301c0da3d62e11cb35ec405a01c82e0e8d4c
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
c91795952804df9c91bc061fda902fa225074a16b7b86c67445b7929e4d5b1c3
ca6da40c879f18b1b2d4ad41ab8198794ee591c34b1fd5ec111a02e7efc15c11
cb0e3a3834516f58d9dfb32eeaf9cbc1c22f404e13a17fa87a857e99c88fce61
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4127c5a17711e40b25d5aab358df83a3be14c7d43cb4cb4589f47b059867aae
d8bc402f0b0bd629a68cfe0318d54d195a08f189ed97e823bec7ade045717a68
dac27ac536b21718eee94700729c6bfe7a409302a54984670adde9f360d29737
e35796493f977523161a6a88ad31128de3d1268aa0d0c55b202c50f5e95f043b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e
eca5abffe67effc75ac2afa5671d0336c1311a9e019a29bc6ebc77760ed0e070
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee61bc45d64f7b9e7395cff9e4d1192f262dba55243dbb1916e5476a3ccf4c01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d96872360daacc0a24f615db9fe3eb040631c63614d91ed0db1bfecd583b9c
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f2ac2a9da89e49d0b5bb4e13ffb57275d3b384eb9795e0ab9eabe84ab1b091bc
f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf
f51f0289293baeaee45416a7f1041c8478131ed7ec5a5f0ca1aae380eae80a15
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9d415e9ad97002940ffe73de82385314a9048bfb01fde96a73fa1026065cf9d
fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674
fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3
fa99a8be2193125b48a77b68354d7664174c04c3986b7374dbaad667ad3c9cf9
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
fb7083b104ad7bc9261064ea00804840bb42ba5c98aa391f962cab4ab2787fc6
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e
febd2fb1df5cbaa2dcae820d77d7c2f7725d70587954eae847fe7851dfe7db5b

www.todayonline.com Open in urlscan Pro 23.75.234.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

197 Requests

95 %HTTPS

37 %IPv6

47 Domains

86 Subdomains

75 IPs

6 Countries

3115 kBTransfer

7268 kBSize

72 Cookies

6 Outgoing links

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.todayonline.com Open in urlscan Pro
23.75.234.137 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

95 %
HTTPS

37 %
IPv6

47
Domains

86
Subdomains

75
IPs

6
Countries

3115 kB
Transfer

7268 kB
Size

72
Cookies

197 HTTP transactions
2 data transactions