www.philstar.com Open in urlscan Pro
184.95.61.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVG...
Effective URL:
https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hse...
Submission: On May 02 via api (May 2nd 2021, 11:18:56 am UTC) from DE

Summary HTTP 375 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 74 IPs in 8 countries across 52 domains to perform 375 HTTP transactions. The main IP is 184.95.61.50, located in United States and belongs to SSASN2, US. The main domain is www.philstar.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on January 10th 2020. Valid for: 2 years.

This is the only time www.philstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
34	184.95.61.50 184.95.61.50	20454 (SSASN2) (SSASN2)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:a000:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.40.187.26 104.40.187.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	104.126.37.49 104.126.37.49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2 8	13.224.106.54 13.224.106.54	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:287::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f05... 2a03:2880:f050:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
22	2606:4700:10:... 2606:4700:10::6816:3da8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
13	2606:2800:233... 2606:2800:233:9de:380:d6:22cb:12e3	15133 (EDGECAST) (EDGECAST)
1	2600:9000:210... 2600:9000:2104:d200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:210... 2600:9000:2104:8600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:10:... 2606:4700:10::ac43:1695	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.59.220.199 185.59.220.199	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
4	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20c... 2600:9000:20c8:ca00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f15... 2a03:2880:f150:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:46e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	3.208.237.232 3.208.237.232	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	65.9.84.38 65.9.84.38	16509 (AMAZON-02) (AMAZON-02)
3	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
5	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
2	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	40.79.44.59 40.79.44.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.89.48.101 54.89.48.101	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.96.69.62 34.96.69.62	15169 (GOOGLE) (GOOGLE)
7	2600:9000:214... 2600:9000:214f:6000:1d:47ad:2280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6812:c6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
8	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3030::6815:2045	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.127.73.204 3.127.73.204	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	3.210.126.214 3.210.126.214	14618 (AMAZON-AES) (AMAZON-AES)
375	74

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 184.95.61.50 (United States)

ASN20454 (SSASN2, US)

www.philstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:a000:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.40.187.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

zdwidget3-bs.sphereup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.126.37.49 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

media.philstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.106.54 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-54.mad50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f050:f:face:b00c:0:3 (Hamburg, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:10::6816:3da8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:233:9de:380:d6:22cb:12e3 (United States)

ASN15133 (EDGECAST, US)

60a6ae725fca.bitsngo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:d200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:8600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:1695 (United States)

ASN13335 (CLOUDFLARENET, US)

publish.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

3c737d6f5a7d38bc7f689be660bd9ec1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20c8:ca00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f150:82:face:b00c:0:25de (Hamburg, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e9 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.208.237.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-237-232.compute-1.amazonaws.com

adsuite.adsparc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.84.38 (United States)

ASN16509 (AMAZON-02, US)

adsparc.bbvms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.79.44.59 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-sb-appanalytics-us1.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.89.48.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.69.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.bidder.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:214f:6000:1d:47ad:2280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.bluebillywig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c6b (United States)

ASN13335 (CLOUDFLARENET, US)

adgebra.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2045 (United States)

ASN13335 (CLOUDFLARENET, US)

static.amp.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.73.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ba1ac50216168ee8aefb4809e381c37f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
44e81175b4c73a1e0ed4a1744e218e4e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bdf9d2fa9a03277f369eabf1dbe621f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.126.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sps.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	philstar.com www.philstar.com media.philstar.com	382 KB
36	googlesyndication.com 3c737d6f5a7d38bc7f689be660bd9ec1.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ba1ac50216168ee8aefb4809e381c37f.safeframe.googlesyndication.com 44e81175b4c73a1e0ed4a1744e218e4e.safeframe.googlesyndication.com bdf9d2fa9a03277f369eabf1dbe621f4.safeframe.googlesyndication.com	952 KB
36	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	498 KB
25	vuukle.com cdn.vuukle.com publish.vuukle.com api.vuukle.com image.vuukle.com	466 KB
20	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-chidc2.outbrain.com mv.outbrain.com	153 KB
20	google.com 3 redirects apis.google.com adservice.google.com accounts.google.com www.google.com	337 KB
15	ampproject.org cdn.ampproject.org	322 KB
14	googletagservices.com www.googletagservices.com	434 KB
13	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	246 KB
13	bitsngo.net 60a6ae725fca.bitsngo.net	229 KB
12	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	136 KB
9	bbvms.com adsparc.bbvms.com	152 KB
8	scorecardresearch.com 2 redirects sb.scorecardresearch.com	6 KB
7	bluebillywig.com cdn.bluebillywig.com	939 KB
7	gstatic.com fonts.gstatic.com ssl.gstatic.com	131 KB
6	windows.net prod-sb-appanalytics-us1.servicebus.windows.net	933 B
5	google.de adservice.google.de www.google.de	829 B
5	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com platform-cdn.sharethis.com	36 KB
4	adgebra.co.in adgebra.co.in	7 KB
4	aniview.com player.aniview.com track1.aniview.com go1.aniview.com Failed	105 KB
4	vidcrunch.com play.vidcrunch.com cdn.vidcrunch.com	70 KB
4	googleapis.com fonts.googleapis.com	2 KB
4	facebook.net connect.facebook.net	160 KB
4	sphereup.com zdwidget3-bs.sphereup.com	17 KB
3	jsdelivr.net cdn.jsdelivr.net	111 KB
3	adsparc.net adsuite.adsparc.net	6 KB
3	facebook.com www.facebook.com	103 B
3	cloudflare.com cdnjs.cloudflare.com	41 KB
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	23 KB
2	smartadserver.com prg.smartadserver.com	648 B
2	360yield.com ice.360yield.com	1 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	47 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	47 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	izooto.com cdn.izooto.com	42 KB
2	silobreaker.com 1 redirects info.silobreaker.com	4 KB
1	springserve.com sps.springserve.com	403 B
1	2mdn.net s0.2mdn.net	115 KB
1	google.nl adservice.google.nl	799 B
1	pubmatic.com hbopenbid.pubmatic.com	117 B
1	adnxs.com ib.adnxs.com	1 KB
1	adform.net adx.adform.net	548 B
1	amp.services static.amp.services	1 KB
1	fbcdn.net scontent.xx.fbcdn.net	17 B
1	bidder.dev cdn.bidder.dev	119 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	5 KB
1	geojs.io get.geojs.io	1 KB
1	consensu.org c.sharethis.mgr.consensu.org l.sharethis.mgr.consensu.org Failed	1 KB
1	smartlook.com rec.smartlook.com	8 KB
0	googleadservices.com Failed partner.googleadservices.com Failed
0	leya.tech Failed analytics.leya.tech Failed
0	openx.net Failed adsparc-d.openx.net Failed
375	52

	Domain	Requested by
34	www.philstar.com	info.silobreaker.com www.philstar.com
32	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.philstar.com info.silobreaker.com adsuite.adsparc.net
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.philstar.com cdn.ampproject.org
15	cdn.ampproject.org	securepubads.g.doubleclick.net
14	www.googletagservices.com	www.philstar.com securepubads.g.doubleclick.net a.teads.tv pagead2.googlesyndication.com
13	60a6ae725fca.bitsngo.net	zdwidget3-bs.sphereup.com confiant-integrations.global.ssl.fastly.net
12	image.vuukle.com	www.philstar.com
12	media.philstar.com	www.philstar.com
10	widgets.outbrain.com	www.philstar.com widgets.outbrain.com
9	images.outbrainimg.com	www.philstar.com
9	adsparc.bbvms.com	securepubads.g.doubleclick.net adsparc.bbvms.com cdn.bluebillywig.com confiant-integrations.global.ssl.fastly.net www.philstar.com
8	t.teads.tv	www.philstar.com
8	www.google.com	3 redirects www.philstar.com securepubads.g.doubleclick.net
8	cdn.vuukle.com	www.philstar.com cdn.vuukle.com info.silobreaker.com
8	sb.scorecardresearch.com	2 redirects www.philstar.com widgets.outbrain.com
7	cdn.bluebillywig.com	adsparc.bbvms.com confiant-integrations.global.ssl.fastly.net www.philstar.com cdn.bluebillywig.com
6	prod-sb-appanalytics-us1.servicebus.windows.net	www.philstar.com
6	pagead2.googlesyndication.com	www.philstar.com www.googletagservices.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	fonts.gstatic.com	www.philstar.com fonts.googleapis.com
5	mcdp-chidc2.outbrain.com	widgets.outbrain.com
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	apis.google.com	www.philstar.com apis.google.com
4	adgebra.co.in	info.silobreaker.com adgebra.co.in
4	api.vuukle.com	cdn.vuukle.com
4	fonts.googleapis.com	securepubads.g.doubleclick.net zdwidget3-bs.sphereup.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	connect.facebook.net	www.philstar.com connect.facebook.net
4	zdwidget3-bs.sphereup.com	www.philstar.com
3	cdn.vidcrunch.com	www.philstar.com
3	cdn.jsdelivr.net	cdn.bidder.dev cdn.bluebillywig.com
3	googleads.g.doubleclick.net	www.philstar.com pagead2.googlesyndication.com
3	a.teads.tv	securepubads.g.doubleclick.net s8t.teads.tv
3	adsuite.adsparc.net	info.silobreaker.com www.philstar.com
3	www.facebook.com	www.philstar.com connect.facebook.net
3	platform-cdn.sharethis.com	www.philstar.com
3	odb.outbrain.com	widgets.outbrain.com
3	log.outbrainimg.com	widgets.outbrain.com
3	cdnjs.cloudflare.com	zdwidget3-bs.sphereup.com confiant-integrations.global.ssl.fastly.net
2	prg.smartadserver.com	cdn.jsdelivr.net
2	ice.360yield.com	cdn.jsdelivr.net
2	track1.aniview.com	www.philstar.com
2	player.aniview.com	play.vidcrunch.com player.aniview.com
2	confiant-integrations.global.ssl.fastly.net	cdn.vuukle.com confiant-integrations.global.ssl.fastly.net
2	obs.cheqzone.com	ob.cheqzone.com www.philstar.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	www.google-analytics.com	www.philstar.com www.google-analytics.com
2	cdn.izooto.com	www.philstar.com cdn.izooto.com
2	info.silobreaker.com	1 redirects
1	sps.springserve.com	www.philstar.com
1	s0.2mdn.net	confiant-integrations.global.ssl.fastly.net
1	bdf9d2fa9a03277f369eabf1dbe621f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	44e81175b4c73a1e0ed4a1744e218e4e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ba1ac50216168ee8aefb4809e381c37f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	cdn.jsdelivr.net
1	ib.adnxs.com	cdn.jsdelivr.net
1	adx.adform.net	cdn.jsdelivr.net
1	static.amp.services	cdn.jsdelivr.net
1	scontent.xx.fbcdn.net	www.philstar.com
1	cdn.bidder.dev	adsuite.adsparc.net
1	s8t.teads.tv	a.teads.tv
1	mv.outbrain.com	widgets.outbrain.com
1	maxcdn.bootstrapcdn.com	www.philstar.com
1	ssl.gstatic.com	accounts.google.com
1	play.vidcrunch.com	securepubads.g.doubleclick.net
1	get.geojs.io	cdn.vuukle.com
1	www.google.de	www.philstar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	3c737d6f5a7d38bc7f689be660bd9ec1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ob.cheqzone.com	widgets.outbrain.com
1	publish.vuukle.com	cdn.vuukle.com
1	widget-pixels.outbrain.com	www.philstar.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	c.go-mpulse.net	s.go-mpulse.net
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	rec.smartlook.com	www.philstar.com
1	s.go-mpulse.net	www.philstar.com
1	platform-api.sharethis.com	www.philstar.com
0	partner.googleadservices.com Failed	pagead2.googlesyndication.com
0	analytics.leya.tech Failed	cdn.bidder.dev
0	go1.aniview.com Failed	player.aniview.com
0	adsparc-d.openx.net Failed	cdn.jsdelivr.net
0	l.sharethis.mgr.consensu.org Failed	www.philstar.com
375	84

This site contains links to these domains. Also see Links.

Domain
interaksyon.philstar.com
twitter.com
www.instagram.com
www.youtube.com
www.facebook.com
community.turgensec.com
www.breaches.uk
restofworld.org
www.outbrain.com
zonnepaneelofferte.nl
www.inpixio.com
www.farandwide.com
www.searchist39.com
vuukle.com
www.volvocars.com
www.adsparc.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.philstar.com SSL.com RSA SSL subCA	`2020-01-10` - `2022-01-10`	2 years	crt.sh
*.apis.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
*.sphereup.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-11-10`	a year	crt.sh
media.philstar.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
1610534878.rsc.cdn77.org R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.raynw.net DigiCert SHA2 Secure Server CA	`2020-07-28` - `2022-08-05`	2 years	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
ob.cheqzone.com R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.adsparc.net Amazon	`2020-12-07` - `2022-01-05`	a year	crt.sh
wl.aniview.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
bbvms.com Amazon	`2020-09-22` - `2021-10-22`	a year	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
obs.cheqzone.com R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 01	`2021-04-21` - `2022-04-16`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
cdn.bidder.dev GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.bluebillywig.com Amazon	`2020-06-08` - `2021-07-08`	a year	crt.sh
www.adgebra.co.in Go Daddy Secure Certificate Authority - G2	`2019-12-26` - `2022-01-07`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-26` - `2022-03-26`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.vidcrunch.com Go Daddy Secure Certificate Authority - G2	`2021-04-21` - `2022-03-27`	a year	crt.sh
*.google.nl GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sps.springserve.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-12` - `2021-12-11`	2 years	crt.sh

This page contains 27 frames:

Primary Page: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Frame ID: D04DC9F8DCCE7ED33E315ECFB399768D
Requests: 189 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/XE2HG-7JMB7-G8PK7-FGR8K-V397H
Frame ID: 8CB011BDF3007A9891B2FF6F4F7FB11F
Requests: 2 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 6CDB53549913DAB4BB0BA807304FEEB0
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 8F37466B62D0498A6CB642AECB797CEA
Requests: 2 HTTP requests in this frame

Frame: https://cdn.vuukle.com/widgets/index.html?amp=false&apiKey=75f932c6-b01d-490e-bae9-2a145b13e07d&host=philstar.com&articleId=2095356&globalLang=en&img=https%3A%2F%2Fmedia.philstar.com%2Fphotos%2F2021%2F05%2F02%2Fjose-calida-solicitor-general2018-05-1518-46-41_2021-05-02_16-12-32.jpg&lang=en&title=DOJ%3A%20Solgen%27s%20office%20looking%20into%20reported%20data%20breach&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744&emotesEnabled=true&d=false&l_d=false&totWideImg=false&link=https%3A%2F%2F%5Burl%5D&hideArticles=false&maxChars=3000&gr=false&hideCommentBox=false&hideCommentBoxWithButton=false&hideCommentsWidget=false&wpSync=false&isCustomText=false
Frame ID: 8686EB4CB1AF0CB960F147CD4AEC063A
Requests: 15 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 29A6763A60EC6FC57DE9DB4B79216904
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 665A82C1794306A21CE5D91CDEB617E8
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 161246640EB460EC198AC5336C31418B
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: D65070AFEE7AA9E4D305A9089B5168DB
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0KZUvah_ieoRbQiTJSp_rEjxgcRzqSvBcwlussb8ui5Pb1cIx7GeJBY0ejmPBXWHUZeKSLzDf0YK50RBXTohLJ-aobJSWwBFha0jf4UskJFJHrCN8QWtODT6LfkwIkFcHDa5x41o9_SGIObTtci5WZgXIt9Y9WUxHHiSvd87Ng59sIq6T8nCBL6E7BhQ9RcIfSZLM_MfcS3xi8G-M80_KuI6Py1Eqip-jJ0eE0t6SYbdHsQPg70s463RY1Z300-mTPONwCDPM6ipV82VbBvKh6D8aeH7MnL3-NkXeFCcxMejI090lflMecCxy&sig=Cg0ArKJSzEDkl9tnusVoEAE&adurl=
Frame ID: D3F57E833A456AA171740525B70D5F71
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw_vkJw-HfNnitEQQ2LTqtmTImkN_x_CwEvn0GyaMbFH_KrE-cl0QzNIiuDfBV5jLgQXBpb2wLz5ImcSyMcIFVcnW0g6ijTSkvNbNnp0o4v2xSFVPTg2x0PSuax4_fn9ejq8tZaoGbTOVSzcwC-95FE6FTOeS8_OG3oERk0YxfMZDhKu_MJf_xG3N9YKQnft3_K7XlzqYjR4PW_Ms_BXJrY9ilfmPwjRsktwthteaXItu_7dI8WYTakY0b1YqiQDNyUwJwj-tMaP-UysMTztfjJ-Hc12ykNtFDKa9DDZiYSTU9TJxCKEIyHDLaTw&sig=Cg0ArKJSzBgL_kA6RuLSEAE&adurl=
Frame ID: BCDFC6CB147F384E14A192F10AF627D4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPEp5_eB5RDjKIJFCGLbgp0C8_oTrU8-edCj2s36vYW5g-_Crqci8DTv1r_L-Joax80ckTZjtjTtIcWAMBhmmCdRB4xiEPOnGissLChVk87O4BmeWsyeOIDbWe8PVmu_ckEENC1WYSD5ZeyU128rQ0b0P7ENhaUDiQ2ZyxmcqvMBEI_cmnPiKLsg4XEuhD1i_ZLTEHoOwi2lxSnVDgczVB7pdCZms_c_ku8w8x9rFutBqybOjJ54DRsVutKzH3E1zlHyu9ZqrUoW45cfuEybtwlRxyILkOAoWkANxFJl4cfVMRbDEH4mAqUajRZqH4KsXXqTVxeje5q__zfGIvP6lD0FYnI2HrcJ_iYhDGv3Kp0k7WZ_y_Ew&sig=Cg0ArKJSzFNJF6gcE9gKEAE&urlfix=1&adurl=
Frame ID: 8B8525922CDD579374BB6608B82A7E0B
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWl4pjdCrE4-jCH70415cYmb0_d6dCA98co6PZ-9AWCCNDqGyTTxwlk2MnjtaCZNU0ApEspupUSPshTdih_PCAhj06OE2bkiq_1lF1-CDUTLiMXGuK_5Sz8FaxAbcuqxRHhoBM_xptCiac32R9rpiMqdZR9FhewG0QAULnJ76-gSdTn0UCOQdYievNLiMk3XVVwNvxUeLZidxtYu3ojsz5pYTbMfvZhWz1x8JOvQygIvRfJSRTl8DPKVZGRul6liwYvVZsEzkojDCctjSkubHuNGv4vMsLZMYZPpV8rCTkmMR8VbfOoclgGMN87wRN5KoSuuYTV8c4QIehAyRlKev_ZxHhZg&sig=Cg0ArKJSzE2RMoCaLwtdEAE&urlfix=1&adurl=
Frame ID: EA81FEF80BC5723E40387AAD1CD05E36
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKHITE3qFZ03WHU0YXjwRug7wSdfj1nLn-bNqD2baWoDHyqjvr3Rag7LyRRKB4AACjsKfX9uwYpi8ihAJzzdDEphwki2bRZwg8KciqjZOSbDs_pCzZjvWumovHKSHJLrChmXOaNrv_cJxdtTrrKyQ3cMhgsLjd68FZVMYlhb3IZndKEZbpxW9A_BM7jbCFZ8yZynKvMzgZWmPCVLsaymPifDOXybBbibnkZGDf34bRYqOfKJNKR1R_aEd5wwOtm-NFwyyYfjYWb_9HkuQXuBFI-hRzSUp592F6nXGDMS8XVvZfAiahfsKFGJ31KKAC9QbdnHfsUF0o2wlThN__q4w1OglTR8vhVaf0HM9uHzkYRbSzsTYq2LXS&sig=Cg0ArKJSzPe3FEc667ulEAE&urlfix=1&adurl=
Frame ID: 0A230AD0381BBED6341A75786D1F6120
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOPeV6lcVI0aEl4LZ36gFRT1UW6ZfAvQtc09IIzEQBrOjMGJFYI8bZQHpkb4fV_4WXwOF7Cy6Ja6subO6oDVOsI1xU4dkPvgUDMcB9TAAjnCRcG6emgiBlrlmjRVDkHvAOibTgjH0QMuq2iQGM1NM08V6tiN2HshYgHVopW9QsECSn2i2kjye8rzUmDCNYUhbZdUA-S2yExMoZtO7jzVdidDycX1gX6bc-X4zaQoCuB26ZU89sIZ5AFfh1Kgz9KdZNLXtCLOUGRGxT4-rFBTK3UFY7DDTTlsIKsQY9MI0yD-MxWuGgA2xOTJItPm_gXP_P5NnQQRjLvwlLkA&sig=Cg0ArKJSzFjJ5uSrgnh9EAE&urlfix=1&adurl=
Frame ID: A64B5406CC2D8E432CC6059C24756FF9
Requests: 5 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: E427DAF7578FE579F0B27E8BB6EB8446
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D5FF0F65217DE4D7BD0A2F94C482B5B6
Requests: 20 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d0a162d28a06106f038a1c1
Frame ID: 8E70BD70B212220C601070AC4DAF741D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYXlWOPpzrNol_h7ldN35n38vIEbet6mIt7WTnc1YdCZdlamxn9yJ_qEob49pIhsb69iL0045PjSyg9Q7NVD4Bu2ECc1N1lSqVFRRNlmuSa7vtzJJjuu29zHVKaBwpMqWOxKYhn1PH6tmV2oxvqCIifpjiPUYg_0lzLBQBfJUHiLycNqDLBffAf4GCgcJYGpgDwbg2hm-zxUpjpHKQaaSmSqCTa7hsEcg0u7jMV2BiYMJ8OKuUR2WXeshPhjhuYlHbFD6-h4OH5R-xF1qdGOGVwLnQr4lCuRu3svCcRQSANZQes4Qd-34JxU29WetJL8L89w&sai=AMfl-YQ9bB0JQEMkVNcJ3GIkQ1ahYukSdoUVaAcE-LnJdgZj7d2E6cx38mdmMxxRR5IJW5Z22eUXOrtfpee-9u3GZMIQwzWqHTJtMmPXsfzoZYKEiuj0kYTZDxGDyfHmbsvp&sig=Cg0ArKJSzJzvePKlHQ4eEAE&urlfix=1&adurl=
Frame ID: 89188DA463FF492D3D90CEB680C2BA5F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2uF71Gqxce68-Uca3b_lvEcTaOBd2_fcDid6lXQ8qf-_tSpH0ZvLlo4YfJZgLw10-4T3WyZ58L15GqC_cQu9Ws6c9vsKLPmo1mVdUYPfXCeE2tvSzPh3ohgPXxebzAH_TFG3Il39mL0gLYLHdDNi6N8cOuTQAitYPnKSSu1v1ZEq_oCyUa6gH9A3YoMen0Pw5yhy6S9QBV6mhJia0d1HG1-EpAUGZkTWLqSXD_bv1xO5TaWte92lYjV1qWHQ7ez4Bw3IbTmUDK20o6_yyMDgVr5fWQ2Rvl0PY08Oviq2gyprN21b1gHvNXG-PVssnd5s8LbVA&sai=AMfl-YSLN3EQD1cv8v_drSJXX2N-GyT0nxX-cDt4bRJVVc20bBPmS4vU_YDmn9cMqGWFK3nOj3txsHDFsa09avbERrnKJ9FHM38gbBHgByd78sP9OwQfxv3osyK1I18l33c&sig=Cg0ArKJSzGoxuk6xKqxTEAE&urlfix=1&adurl=
Frame ID: 25A4DECCE013DAD02AAEBC532A894A9D
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F4413197650C896549A53F7A07B15CF6
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 3F5358FAB5A3E75447492448C18C0CB7
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcNa2qe2eu9OYNjfeZkhsRYWq2vaUha8B4hbyiqFsFM0ypx1CwvVB2hQS0thsQ2aI4RIp8S7HpjSafeXzQGHnKmz0M7j3uuMHcHC9Pb3lCx_joZK-hTz0uP8YOUssEzlMPv6R-WxXTQ55TS3fbGcYa4QY1eGkUaqbgPhsBvGAbFEVPx3yODQ56yhyrbKjrNZf7bNxFWQYP3-QG90I-Uz0TyIipc_3iBzEWm1yTpnLcxvvJQRY5QMyEV0-G7-8qFgUW8ricH_xTTw2vvUFkLwzpoy-UYmoZPhVppkJJZxb-IdcsNwKi1YFBWGHiVA&sig=Cg0ArKJSzNFQNtKFoP1hEAE&urlfix=1&adurl=
Frame ID: 4FBFD82C87F3DF2620F4305D620D3615
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: 62700A14A9108CA3E010C69E3FB53219
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBJ2iGqLtjnCtUoDI2IVnVTcSB5TEu5Lkee9kuVl23KXMenur7KbCEbdXt4tix_ToPjgCK7XnPdLLiJq-SbhWDxDhosGK_8u5WM9412lf92ejcNG0fGgSrRFqhWL8KmWe-8jCHEfezZbgqTUM4pyGU5DcsqHSM_rcfnfwIVRBOKJq-48o01LMi2hMDCnBPx8vYvoTfcQH71LZwD-ivlvv8qgrlTSRPjXKhjD6c92NLuPFIkSZVAPQ-epqAlNw9z-B9v7CL9SjFkpYWzPUis7n8GHNdJHwnzhcrQPBZe636pf8J_9a2vu0Zrg54roA0hxLVhYIea9Q&sig=Cg0ArKJSzO_UhrIL3TpdEAE&urlfix=1&adurl=
Frame ID: 772730DB8F6974CA042756412F938948
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzemPB8LP4ghz1ThBfZFtatApK0ehXGomcfb4RfbLvPxGZeIIVzIvJ-dN1PiYK-sCLlvb_Q6CDXbWfK7qYrtXlZV6xg3qnR1ffXjOsfYidIIDsmYpEWi5_vazlGVBeMlWgziDZ55KojwwxFVV7Ip6TF3KlehhchKTAe_vihDPs5VGH8yZvTPWEKIHJZmSYO6b7ut7Z3ekD_EcTzBYEbtQ6Qs85kMi3Oiizg3LZt-6MNtqLOeVEbw6x-fbuhDmjZm6nSYsyHGpNN0LS7RbzwJPBKFdFb1YZNkzJ5msudaaI5EELPMzCXegZ1WXkGLtBEsXBvsJOR_A&sig=Cg0ArKJSzE72kR1f7GbREAE&urlfix=1&adurl=
Frame ID: F43A2AD2469DD2C5028B0CF19386E7C1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066013786354051&output=html&h=100&slotname=1356953082&adk=2886824444&adf=3171382013&pi=t.ma~as.1356953082&w=320&psa=0&format=320x100&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619954329890&bpp=79&bdt=1807&idt=1107&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D192432892bf58148%3AT%3D1619954322%3AS%3DALNI_Mb6lyorKR2ZuAIXmpHb1A903S497A&correlator=5450944782288&frm=23&ife=4&pv=2&ga_vid=1474717677.1619954331&ga_sid=1619954331&ga_hid=714256879&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=1200&biw=1600&bih=1200&isw=320&ish=100&ifk=3817122160&scr_x=0&scr_y=0&eid=44739537&oid=3&pvsid=454035454307894&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.22ffrttb4h5k&fsb=1&dtd=1201
Frame ID: 7BC945A95F09BD09A299F4E53CC0C96B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV... HTTP 307
https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

375
Requests

95 %
HTTPS

63 %
IPv6

52
Domains

84
Subdomains

74
IPs

8
Countries

6374 kB
Transfer

16315 kB
Size

0
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://interaksyon.philstar.com/
Title: Interaksyon

Search URL Search Domain Scan URL

URL: https://twitter.com/PhilstarNews
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/philstarnews
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/philstarcom
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/philstarnews

Search URL Search Domain Scan URL

URL: https://community.turgensec.com/security-lapse-exposes-345k-documents-from-the-philippines-solicitor-general/
Title: statement

Search URL Search Domain Scan URL

URL: https://www.breaches.uk/
Title: website

Search URL Search Domain Scan URL

URL: https://restofworld.org/2021/philippines-data-exposure/
Title: Rest of World

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://zonnepaneelofferte.nl/bespaar?utm_source=Outbrain&utm_medium=cpc&utm_campaign=zpoNL&utm_content=$ob_click_id$&obOrigUrl=true
Title: Nieuwe ontdekking over zonnepanelen zorgt voor prijsdoorbraak ZonnepaneelExperts

Search URL Search Domain Scan URL

URL: https://www.inpixio.com/static/lp/photostudio/NL/?tracking=INPIXIO_NL_PP_OB_PSTUDIO11&campaignid=Outbrain_IPX&filter=INPIXIO_NL_PP_OB_PSTUDIO11&keyword=SeagirlV2&clickid=$ob_click_id$&obOrigUrl=true
Title: Download inPixio Photo Studio 11 - Beeldcorrectie met één klik! InPixio

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/cool-maps-europe-11a66f6c5ec04106?utm_campaign=cooleuropemaps-72a105105f574db7&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: These Maps Show Europe In A New Light Far & Wide

Search URL Search Domain Scan URL

URL: https://www.searchist39.com/76343512-2eb9-4ab7-8abe-f8f5fdeacb75?creat=10&network=Outbrain&utm_medium=Discovery&utm_campaign=abogados-nl-outbrain&utm_content=De+uurtarieven+van+advocaten+voor+2021+zullen+u+wellicht+verbazen&site=$publisher_name$_$section_name$&ref=$publisher_id$&externalid=$ob_click_id$&cat=$section_name$&pub=$publisher_name$&obOrigUrl=true
Title: De uurtarieven van advocaten voor 2021 zullen u wellicht verbazen Vind advocaat | Search Ads

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/european-countries-ranked-ccef2494f3994077?utm_campaign=rankingeurope-1a4a9c57d2b44dcb&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: We Finally Know Which European Country is the Worst Far & Wide

Search URL Search Domain Scan URL

URL: https://vuukle.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Philippine+Medical+Association%3A+Prescribe+ivermectin+vs+COVID-19+only+at+hospitals+with+permits&link=https://www.philstar.com/headlines/2021/05/02/2095342/philippine-medical-association-prescribe-ivermectin-vs-covid-19-only-hospitals-permits&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095342/philippine-medical-association-prescribe-ivermectin-vs-covid-19-only-hospitals-permits&picture=https://media.philstar.com/photos/2021/04/29/ivermectin-distribution-3_2021-04-29_18-38-47_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095342/philippine-medical-association-prescribe-ivermectin-vs-covid-19-only-hospitals-permits&text=Philippine+Medical+Association%3A+Prescribe+ivermectin+vs+COVID-19+only+at+hospitals+with+permits%20https://www.philstar.com/headlines/2021/05/02/2095342/philippine-medical-association-prescribe-ivermectin-vs-covid-19-only-hospitals-permits

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Palace+blasts+Carpio%2C+other+critics+on+West+Philippine+Sea&link=https://www.philstar.com/headlines/2021/05/02/2095313/palace-blasts-carpio-other-critics-west-philippine-sea&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095313/palace-blasts-carpio-other-critics-west-philippine-sea&picture=https://media.philstar.com/photos/2021/05/01/wps_2021-05-01_22-29-40717_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095313/palace-blasts-carpio-other-critics-west-philippine-sea&text=Palace+blasts+Carpio%2C+other+critics+on+West+Philippine+Sea%20https://www.philstar.com/headlines/2021/05/02/2095313/palace-blasts-carpio-other-critics-west-philippine-sea

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Only+one+name+on+%26lsquo%3Blist%26rsquo%3B+for+next+PNP+chief&link=https://www.philstar.com/headlines/2021/05/02/2095261/only-one-name-list-next-pnp-chief&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095261/only-one-name-list-next-pnp-chief&picture=https://media.philstar.com/photos/2021/05/01/ano_2021-05-01_22-01-14877_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095261/only-one-name-list-next-pnp-chief&text=Only+one+name+on+%26lsquo%3Blist%26rsquo%3B+for+next+PNP+chief%20https://www.philstar.com/headlines/2021/05/02/2095261/only-one-name-list-next-pnp-chief

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Government+eyeing+P8%2C000+monthly+wage+subsidy&link=https://www.philstar.com/headlines/2021/05/02/2095315/government-eyeing-p8000-monthly-wage-subsidy&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095315/government-eyeing-p8000-monthly-wage-subsidy&picture=https://media.philstar.com/photos/2021/05/01/money_2021-05-01_22-34-20451_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095315/government-eyeing-p8000-monthly-wage-subsidy&text=Government+eyeing+P8%2C000+monthly+wage+subsidy%20https://www.philstar.com/headlines/2021/05/02/2095315/government-eyeing-p8000-monthly-wage-subsidy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Domestic+workers+alarmed+by+compulsory+Hong+Kong+vaccine+plan&link=https://www.philstar.com/headlines/2021/05/02/2095255/domestic-workers-alarmed-compulsory-hong-kong-vaccine-plan&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095255/domestic-workers-alarmed-compulsory-hong-kong-vaccine-plan&picture=https://media.philstar.com/photos/2021/05/01/hk_2021-05-01_21-57-47414_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095255/domestic-workers-alarmed-compulsory-hong-kong-vaccine-plan&text=Domestic+workers+alarmed+by+compulsory+Hong+Kong+vaccine+plan%20https://www.philstar.com/headlines/2021/05/02/2095255/domestic-workers-alarmed-compulsory-hong-kong-vaccine-plan

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Palace%3A+%27All+or+nothing%27+policies+in+West+Philippine+Sea+dangerous%2C+unproductive&link=https://www.philstar.com/headlines/2021/05/02/2095343/palace-all-or-nothing-policies-west-philippine-sea-dangerous-unproductive&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095343/palace-all-or-nothing-policies-west-philippine-sea-dangerous-unproductive&picture=https://media.philstar.com/photos/2021/03/26/whitsun-reef_2021-03-26_12-55-48_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095343/palace-all-or-nothing-policies-west-philippine-sea-dangerous-unproductive&text=Palace%3A+%27All+or+nothing%27+policies+in+West+Philippine+Sea+dangerous%2C+unproductive%20https://www.philstar.com/headlines/2021/05/02/2095343/palace-all-or-nothing-policies-west-philippine-sea-dangerous-unproductive

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Philippines+sees+8%2C346+new+COVID-19+cases%2C+total+at+1.05+million&link=https://www.philstar.com/headlines/2021/05/02/2095350/philippines-sees-8346-new-covid-19-cases-total-105-million&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095350/philippines-sees-8346-new-covid-19-cases-total-105-million&picture=https://media.philstar.com/photos/2021/05/02/emergency-hospital-1_2021-05-02_12-53-28990_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095350/philippines-sees-8346-new-covid-19-cases-total-105-million&text=Philippines+sees+8%2C346+new+COVID-19+cases%2C+total+at+1.05+million%20https://www.philstar.com/headlines/2021/05/02/2095350/philippines-sees-8346-new-covid-19-cases-total-105-million

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=BI+reminds+public%3A+Foreign+tourists+still+barred+from+Philippines&link=https://www.philstar.com/headlines/2021/05/02/2095351/bi-reminds-public-foreign-tourists-still-barred-philippines&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095351/bi-reminds-public-foreign-tourists-still-barred-philippines&picture=https://media.philstar.com/photos/2021/04/05/foreign_2021-04-05_21-51-00746_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095351/bi-reminds-public-foreign-tourists-still-barred-philippines&text=BI+reminds+public%3A+Foreign+tourists+still+barred+from+Philippines%20https://www.philstar.com/headlines/2021/05/02/2095351/bi-reminds-public-foreign-tourists-still-barred-philippines

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Phl+envoy%3A+Repatriation+from+India+may+start+when+commercial+flights+resume&link=https://www.philstar.com/headlines/2021/05/02/2095347/phl-envoy-repatriation-india-may-start-when-commercial-flights-resume&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095347/phl-envoy-repatriation-india-may-start-when-commercial-flights-resume&picture=https://media.philstar.com/photos/2021/05/02/ofw2020-08-1720-24-482020-11-2216-22-14_2021-05-02_12-13-57173_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095347/phl-envoy-repatriation-india-may-start-when-commercial-flights-resume&text=Phl+envoy%3A+Repatriation+from+India+may+start+when+commercial+flights+resume%20https://www.philstar.com/headlines/2021/05/02/2095347/phl-envoy-repatriation-india-may-start-when-commercial-flights-resume

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=10+days+of+paid+leave+sought+for+workers+who+get+COVID-19&link=https://www.philstar.com/headlines/2021/05/02/2095345/10-days-paid-leave-sought-workers-who-get-covid-19&redirect_uri=https://www.philstar.com/headlines/2021/05/02/2095345/10-days-paid-leave-sought-workers-who-get-covid-19&picture=https://media.philstar.com/photos/2021/05/02/frontliners-marikina-3_2021-05-02_11-41-57_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/05/02/2095345/10-days-paid-leave-sought-workers-who-get-covid-19&text=10+days+of+paid+leave+sought+for+workers+who+get+COVID-19%20https://www.philstar.com/headlines/2021/05/02/2095345/10-days-paid-leave-sought-workers-who-get-covid-19

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=No+significant+evidence+Ivermectin+can+help+vs+COVID-19%2C+WHO+warns&link=https://www.philstar.com/headlines/2021/03/30/2088192/no-significant-evidence-ivermectin-can-help-vs-covid-19-who-warns&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088192/no-significant-evidence-ivermectin-can-help-vs-covid-19-who-warns&picture=https://media.philstar.com/photos/2021/03/30/amang-rodriguez-hospital-marikina_2021-03-30_21-26-4828_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/03/30/2088192/no-significant-evidence-ivermectin-can-help-vs-covid-19-who-warns&text=No+significant+evidence+Ivermectin+can+help+vs+COVID-19%2C+WHO+warns%20https://www.philstar.com/headlines/2021/03/30/2088192/no-significant-evidence-ivermectin-can-help-vs-covid-19-who-warns

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=%27Very+basic%27+hospital+command+center+setup+leaves+it+unreachable+amid+COVID-19+surge&link=https://www.philstar.com/headlines/2021/03/30/2088102/very-basic-hospital-command-center-setup-leaves-it-unreachable-amid-covid-19-surge&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088102/very-basic-hospital-command-center-setup-leaves-it-unreachable-amid-covid-19-surge&picture=https://media.philstar.com/photos/2021/03/17/hospital_2021-03-17_22-06-07261_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/03/30/2088102/very-basic-hospital-command-center-setup-leaves-it-unreachable-amid-covid-19-surge&text=%27Very+basic%27+hospital+command+center+setup+leaves+it+unreachable+amid+COVID-19+surge%20https://www.philstar.com/headlines/2021/03/30/2088102/very-basic-hospital-command-center-setup-leaves-it-unreachable-amid-covid-19-surge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=No+PhilHealth+ID+Number%3F+You+can+still+be+vaccinated+vs+COVID-19&link=https://www.philstar.com/headlines/2021/03/30/2088090/no-philhealth-id-number-you-can-still-be-vaccinated-vs-covid-19&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088090/no-philhealth-id-number-you-can-still-be-vaccinated-vs-covid-19&picture=https://media.philstar.com/photos/2021/03/30/sinovac-vial-philippines2021-03-0115-54-20_2021-03-30_17-13-36642_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/03/30/2088090/no-philhealth-id-number-you-can-still-be-vaccinated-vs-covid-19&text=No+PhilHealth+ID+Number%3F+You+can+still+be+vaccinated+vs+COVID-19%20https://www.philstar.com/headlines/2021/03/30/2088090/no-philhealth-id-number-you-can-still-be-vaccinated-vs-covid-19

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=Contact+tracing+in+Philippines%2C+inadequate+from+the+start%2C+has+deteriorated&link=https://www.philstar.com/headlines/2021/03/30/2088083/contact-tracing-philippines-inadequate-start-has-deteriorated&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088083/contact-tracing-philippines-inadequate-start-has-deteriorated&picture=https://media.philstar.com/photos/2021/03/30/free-ride-quezon-city-1_2021-03-30_16-32-22_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/03/30/2088083/contact-tracing-philippines-inadequate-start-has-deteriorated&text=Contact+tracing+in+Philippines%2C+inadequate+from+the+start%2C+has+deteriorated%20https://www.philstar.com/headlines/2021/03/30/2088083/contact-tracing-philippines-inadequate-start-has-deteriorated

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&name=%27ECQ+Plus%3F%27+IATF+meets+on+Saturday%2C+but+Roque+says+extension+is+%27last+resort%27&link=https://www.philstar.com/headlines/2021/03/30/2088081/ecq-plus-iatf-meets-saturday-roque-says-extension-last-resort&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088081/ecq-plus-iatf-meets-saturday-roque-says-extension-last-resort&picture=https://media.philstar.com/photos/2021/03/30/free-ride-quezon-city-4_2021-03-30_16-11-19826_thumbnail.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referrer=https://www.philstar.com/headlines/2021/03/30/2088081/ecq-plus-iatf-meets-saturday-roque-says-extension-last-resort&text=%27ECQ+Plus%3F%27+IATF+meets+on+Saturday%2C+but+Roque+says+extension+is+%27last+resort%27%20https://www.philstar.com/headlines/2021/03/30/2088081/ecq-plus-iatf-meets-saturday-roque-says-extension-last-resort

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&link=https://www.philstar.com/headlines/2021/03/30/2088192/no-significant-evidence-ivermectin-can-help-vs-covid-19-who-warns&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088192/no-significant-evidence-ivermectin-can-help-vs-covid-19-who-warns
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&link=https://www.philstar.com/headlines/2021/03/30/2088102/very-basic-hospital-command-center-setup-leaves-it-unreachable-amid-covid-19-surge&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088102/very-basic-hospital-command-center-setup-leaves-it-unreachable-amid-covid-19-surge
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&link=https://www.philstar.com/headlines/2021/03/30/2088090/no-philhealth-id-number-you-can-still-be-vaccinated-vs-covid-19&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088090/no-philhealth-id-number-you-can-still-be-vaccinated-vs-covid-19
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&link=https://www.philstar.com/headlines/2021/03/30/2088083/contact-tracing-philippines-inadequate-start-has-deteriorated&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088083/contact-tracing-philippines-inadequate-start-has-deteriorated
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1775905922621109&display=popup&link=https://www.philstar.com/headlines/2021/03/30/2088081/ecq-plus-iatf-meets-saturday-roque-says-extension-last-resort&redirect_uri=https://www.philstar.com/headlines/2021/03/30/2088081/ecq-plus-iatf-meets-saturday-roque-says-extension-last-resort
Title:

Search URL Search Domain Scan URL

URL: https://www.volvocars.com/nl/carebyvolvo/?utm_source=outbrain&utm_medium=native&utm_content=lifestyle_native&utm_campaign=nl_lifestyle_awareness_1909_care-by-volvo_b2c_always-on&obOrigUrl=true
Title: Het auto-abonnement van Volvo. 30 dagen op… Care by Volvo

Search URL Search Domain Scan URL

URL: https://www.adsparc.com/privacy-policy/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1?_ud=8cfe0711-7084-4e70-a7fa-b2c2f3c48e82&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://l.sharethis.com/pview?event=pview&hostname=www.philstar.com&location=%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach&product=inline-share-buttons&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=DOJ%3A%20Solgen%27s%20office%20looking%20into%20reported%20data%20breach%20%7C%20Philstar.com&cms=sop&publisher=5e1420cc68a9ad001281e737&sop=true&version=st_sop.js&lang=en&description=The%20Office%20of%20the%20Solicitor%20General%20is%20looking%20into%20a%20reported%20data%20breach%20that%20allegedly%20exposed%20345%2C000%20of%20its%20files. HTTP 301
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fl.sharethis.com%2Fpview%3Fcms%3Dsop%26description%3DThe%2BOffice%2Bof%2Bthe%2BSolicitor%2BGeneral%2Bis%2Blooking%2Binto%2Ba%2Breported%2Bdata%2Bbreach%2Bthat%2Ballegedly%2Bexposed%2B345%252C000%2Bof%2Bits%2Bfiles.%26event%3Dpview%26fcmp%3Dfalse%26fcmpv2%3Dfalse%26has_segmentio%3Dfalse%26hostname%3Dwww.philstar.com%26lang%3Den%26location%3D%252Fheadlines%252F2021%252F05%252F02%252F2095356%252Fdoj-solgens-office-looking-reported-data-breach%26product%3Dinline-share-buttons%26publisher%3D5e1420cc68a9ad001281e737%26rd%3D0%26sop%3Dtrue%26source%3Dsharethis.js%26title%3DDOJ%253A%2BSolgen%2527s%2Boffice%2Blooking%2Binto%2Breported%2Bdata%2Bbreach%2B%257C%2BPhilstar.com%26url%3Dhttps%253A%252F%252Fwww.philstar.com%252Fheadlines%252F2021%252F05%252F02%252F2095356%252Fdoj-solgens-office-looking-reported-data-breach%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26version%3Dst_sop.js

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 193

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 197

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 290

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326246&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=13795396&cs_ucfr= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326246&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=13795396&cs_ucfr=

Request Chain 292

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326248&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24473453&cs_ucfr= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326248&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24473453&cs_ucfr=

375 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2...
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 435ms
86ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:17 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dcea38ff8a5fa2a38e1696c61ef1f0cef1619954297; expires=Tue, 01-Jun-21 11:18:17 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=a48485c6ce5404e91ab247ce7ca327ca5fc581fb-1619954297; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 6490d919ed451fd2-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09ce66043000001fd2b09a2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 8d107657-39c7-4e72-9cb6-f6348756991d
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IWXGf3%2F1V%2B16AADoEhvPywEUMxqM5Mf%2FuIGHwY%2BbEc8kb1xkKZQVA5OWyXe1yguP1ogqYix91HcCVXtQ3tggxpKw2VFa0MoiBENtqIdslMzMbgu4ug%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request

Cookie set doj-solgens-office-looking-reported-data-breach Show response
www.philstar.com/headlines/2021/05/02/2095356/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qH...
https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCD...

174 KB
32 KB

918ms
367ms

Document
text/html

184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

45e14e8bfa6b001c49d566897f6f7f4b2269740fc959fdccbd0ee4a4d6f2b6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Host: www.philstar.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1

Response headers

Server: nginx
Date: Sun, 02 May 2021 11:18:19 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=2
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; path=/; HTTPOnly; Secure; secure; HttpOnly oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; expires=Sun, 02-May-2021 12:18:19 GMT; path=/; HTTPOnly; Secure visitor=n; expires=Mon, 02-May-2022 11:18:19 GMT; path=/; HTTPOnly; Secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Access-Control-Allow-Origin: https://www.philstar.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Redirect headers

date: Sun, 02 May 2021 11:18:18 GMT
set-cookie: __cfduid=da937ae344aa5594916f2e8a119713f211619954298; expires=Tue, 01-Jun-21 11:18:18 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=a8a04869753cb91c52ce0816de6e1a32d1e41179-1619954298; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
location: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
cf-ray: 6490d91c294f1fd2-AMS
link: <https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09ce66059f00001fd2919c3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 2bd1c56b-8cb8-4166-8687-02eb920e2561
x-robots-tag: none
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pt9GgprppFtrid7ANZgHVRa%2BXJcLR9QGMDVTYTxHoU7fw1FcQcUZG%2FCIR9v44vvdWrtVsyRg75EtmGiYOYfiOTcRwbH0sRCOC5tVyP4y76hce8jeiw%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 127ms
38ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6598e71167cec2f5afb33005aca2185944a3a9def8be956dac43bf65b56b40ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s7SZd0q14lwubVc2C8PMaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "ca7c2d1aae642024d440b5bda933a9b5"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-s7SZd0q14lwubVc2C8PMaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 02 May 2021 11:18:19 GMT

GET
H2 200 api:client.js Show response
apis.google.com/js/ 12 KB
6 KB 116ms
28ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91eb25d110ad22db6ce668fbb41e4f8b6048d02e8c9936382c72efd3c3311f8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KLFl/xdNnRL1b+Px7Z0U6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "c0774c8d042e7fa248b9755161149911"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-KLFl/xdNnRL1b+Px7Z0U6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 02 May 2021 11:18:19 GMT

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
www.philstar.com/js/ 91 KB
33 KB 355ms
310ms Script
application/javascript 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/js/jquery-1.10.2.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:16 GMT
Server: nginx
ETag: W/"5ac5ba08-16bb3"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:19 GMT

GET
H/1.1 200
OK lazysizes.min.js Show response
www.philstar.com/js/ 7 KB
4 KB 300ms
170ms Script
application/javascript 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/js/lazysizes.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

826e001a9244a754841be1c3c02b9f148a9a30858e3c6943973b39d1f4207843

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Wed, 20 Nov 2019 21:17:04 GMT
Server: nginx
ETag: W/"5dd5ad50-1c39"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 341ms
36ms Script
text/javascript 2600:9000:20c8:a000:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a000:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:09:33 GMT
content-encoding: gzip
age: 527
etag: W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: TbXPHLlfhT6HBX8pyEl7SnK_8sTZPOjiXmz_wF6fNb-ZcUyZrqE9sQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 151ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c6a2191fb3cab2e8d87f2cce6602741008e96166aa9083af2f919d44f66afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "859 / 527 of 1000 / last-modified: 1619820675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21208
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:20 GMT

GET
H2 200 c65f4614dfc0196204b0f9505257c42b2d454846.js Show response
cdn.izooto.com/scripts/ 7 KB
2 KB 105ms
35ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/c65f4614dfc0196204b0f9505257c42b2d454846.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

778505dcf5d8581d6b1f97f29b9e9687d8cbafd4e6be9d1b10cca324196a4a07

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 09:18:53 GMT
server: cloudflare
age: 380385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
expires: Mon, 10 May 2021 11:18:19 GMT
cf-ray: 6490d92579761782-FRA
cf-request-id: 09ce660b720000178203bfd000000001
cf-bgj: minify

GET
H/1.1 200
OK Script Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 32 KB
14 KB 337ms
37ms Script
application/x-javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b7acf58e1ae4bb91b999bcee522af8a1d3dd58d4b5c9d40d62296dbef7ccd8f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:19 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 02 May 2021 11:18:20 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: public, max-age=3600
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 14088
Expires: Sun, 02 May 2021 12:18:20 GMT

GET
H2 200 logo_03.png
media.philstar.com/images/ 2 KB
2 KB 1320ms
969ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/images/logo_03.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: afc03049f6330fe18cce72ed5a385629fc334b03786465e98c4690bd1d544a9b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:21 GMT
last-modified: Sun, 25 Mar 2018 21:55:08 GMT
server: AkamaiGHost
etag: "e7c6f049030c020d6cae05bf84b8d172:1575631266.619777"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 1880
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:21 GMT

GET
H2 200 twitter-icon_white.png
media.philstar.com/assets/icons/ 477 B
792 B 1135ms
785ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/assets/icons/twitter-icon_white.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 8f17085748c627266cc71f5acb362c2560337d899f835d7d20452ebe237c93b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:21 GMT
last-modified: Fri, 26 Jun 2020 08:43:20 GMT
server: AkamaiGHost
etag: "4509d1392f20a1d92ca3fd11f1b225f7:1593167741.863227"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 477
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:21 GMT

GET
H2 200 IG-icon_white.png
media.philstar.com/assets/icons/ 571 B
886 B 1083ms
844ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/assets/icons/IG-icon_white.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 01f03c5798afa7efec44af882dba64daecf39ec89d83fcd76e740d4e062ad3bf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:21 GMT
last-modified: Fri, 26 Jun 2020 08:42:54 GMT
server: AkamaiGHost
etag: "11eabbbdad17a38fa2b426adcb6322ce:1593167738.456122"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 571
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:21 GMT

GET
H2 200 youtube-icon_white.png
media.philstar.com/assets/icons/ 402 B
716 B 1233ms
1009ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/assets/icons/youtube-icon_white.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 34f9d8e9a7abfc721c8fb578050e8604266feebdb3b61a1d5823db85428ae798

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:21 GMT
last-modified: Fri, 26 Jun 2020 08:42:04 GMT
server: AkamaiGHost
etag: "9732c6a3dbe84f1d1bb6d75b752febcb:1593167743.80208"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 402
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:21 GMT

GET
H/1.1 200
OK header_rss_mobile.png
www.philstar.com/images/ 667 B
1 KB 298ms
153ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/header_rss_mobile.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

24e095e971bffc79594d510eedcb227b939163b57d74ee9ac0e35a667c9c8b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 667
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-29b"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H/1.1 200
OK header_contact_mobile.png
www.philstar.com/images/ 714 B
1 KB 329ms
177ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/header_contact_mobile.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

fdf0bbc36c3e367d31e61d8325ff1a69ca417b429cb48dc1d66d30ad1d831b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 714
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-2ca"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H/1.1 200
OK blank.png
www.philstar.com/images/ 95 B
907 B 266ms
171ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/blank.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 95
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-5f"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H/1.1 200
OK header_divider_mobile.png
www.philstar.com/images/ 83 B
895 B 252ms
189ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/header_divider_mobile.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

4878a0cdab26b1122b66f984ffe94634e125c1840b41713c663710de2507709c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 83
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-53"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H2 200 fb-icon_white.png
media.philstar.com/assets/icons/ 252 B
560 B 68ms
43ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/assets/icons/fb-icon_white.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 01d44eadb4c56f1c1d1735bef712acc0a9991308186521788532a051cae31ab8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:20 GMT
last-modified: Fri, 26 Jun 2020 08:43:38 GMT
server: AkamaiNetStorage
etag: "231ce17fad183d172de1dca9b2c502cf:1593167737.062745"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=314348
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 252
expires: Thu, 06 May 2021 02:37:28 GMT

GET
H/1.1 200
OK header_ot_mobile.png
www.philstar.com/images/ 114 B
927 B 238ms
168ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/header_ot_mobile.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

3ce167bbfdbff6682427d05d3c416f51e5087fe4a439902f8cb7d6ad35f1e21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 114
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-72"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H/1.1 200
OK header_divider.png
www.philstar.com/images/ 83 B
895 B 413ms
176ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/header_divider.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

ab1fc6ac3f1ed1254dc59c9e4097b8f418247ec84a59be1f8fd88cf60915b101

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 83
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-53"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H2 200 rss-icon_white.png
media.philstar.com/assets/icons/ 558 B
874 B 844ms
829ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/assets/icons/rss-icon_white.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: e10d995b86740b68bc0e0acb039af95a923a2b3776eb35f3b4e98024e42c2b81

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:21 GMT
last-modified: Fri, 26 Jun 2020 08:42:34 GMT
server: AkamaiGHost
etag: "2536f4033b4b8039c0af82eacaa792de:1593167739.976846"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 558
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:21 GMT

GET
H/1.1 200
OK header_contact.png
www.philstar.com/images/ 475 B
1 KB 538ms
156ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/header_contact.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

2899158e8826d5f52a86156f4f35481ef3d32a3f2e5c504472d7f56aff65dc10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:21 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 475
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-1db"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:21 GMT

GET
H/1.1 200
OK loginserch_03.png
www.philstar.com/images/Home/ 445 B
1 KB 472ms
253ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/Home/loginserch_03.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

ed07c28a741c546f720a924e069b0a26753db45b581287a49a75fd075723a034

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:21 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 445
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:12 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba04-1bd"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:21 GMT

GET
H/1.1 200
OK login_icon.png
www.philstar.com/images/ 293 B
1 KB 463ms
260ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/login_icon.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

3a04df71ae9d81d1bf3f4afb419a4a080cd4f45ac0bdb6a5ba5c8feb34197cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:21 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 293
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-125"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:21 GMT

GET
H/1.1 200
OK mobile_fb.png
www.philstar.com/images/ 323 B
1 KB 463ms
261ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/mobile_fb.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

3f0bfcc9432f4e2490541585e32720e520b3b84b2bff0cbd2e30ab1a83d13f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:21 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 323
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-143"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:21 GMT

GET
H/1.1 200
OK mobile_tw.png
www.philstar.com/images/ 759 B
2 KB 455ms
253ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/mobile_tw.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

860d00ed57fe71642e91d1159d67222142a25e9f64209fb47e36559e67c61ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:21 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 759
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:25 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba11-2f7"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:21 GMT

GET
H/1.1 200
OK mobile_li.png
www.philstar.com/images/ 524 B
1 KB 765ms
172ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/mobile_li.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

398bfa09e1e3133cc13bbb6027523913a534eed72f65d10d9cf38c9baa355075

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:22 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 524
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:25 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba11-20c"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:22 GMT

GET
H/1.1 200
OK mobile_gp.png
www.philstar.com/images/ 956 B
2 KB 774ms
172ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/mobile_gp.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

5792732e083a2e70504c0cdc313b4ff277e1a1ea5a7f7e57bf6e0e55135ca0ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:22 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 956
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-3bc"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:22 GMT

GET
H/1.1 200
OK arrow-top.png
www.philstar.com/images/ 281 B
1 KB 491ms
238ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/arrow-top.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

bc3fe977eb6e99f863fa310f7bb75f39064581d3b21f324201404dbc67800de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:21 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 281
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:12 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba04-119"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:21 GMT

GET
H2 200 jose-calida-solicitor-general2018-05-1518-46-41_2021-05-02_16-12-32.jpg
media.philstar.com/photos/2021/05/02/ 72 KB
72 KB 26ms
21ms Image
image/jpeg 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/photos/2021/05/02/jose-calida-solicitor-general2018-05-1518-46-41_2021-05-02_16-12-32.jpg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: aafaad23772ac9f01a5a506c5ad336d0bfe513eff6083e843a118b75044859f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:20 GMT
last-modified: Sun, 02 May 2021 08:12:35 GMT
server: AkamaiNetStorage
etag: "7827a9201abf3b684bcad91e9862f33e:1619943154.818825"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=594587
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 73353
expires: Sun, 09 May 2021 08:28:07 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 172 KB
58 KB 304ms
0ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d997e8a19831cf7b197e451253f17bcb91b73a18dd340ac2444e8d2c03387dc3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:20 GMT
content-encoding: gzip
last-modified: Sun, 02 May 2021 10:55:19 GMT
etag: W/"2b099-FnL40cWHodkHh7tfL+6CCc/7sfY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 456d3f8e5e5111421a4cf8a37a3d0f82
timing-allow-origin: *, *
content-length: 58442
expires: Sun, 02 May 2021 15:18:20 GMT

GET
H/1.1 200
OK fonts.min.css
www.philstar.com/css/ 8 KB
2 KB 2009ms
356ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/fonts.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

9099f402f4c22e223c27850dbe7f15741fc94de10b13e71a949935b35054ed81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 676
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Mon, 11 Jan 2021 21:52:04 GMT
Server: nginx
ETag: W/"5ffcc884-20fb"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:23 GMT

GET
H/1.1 200
OK loaded.css
www.philstar.com/css/ 160 B
972 B 2009ms
335ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/loaded.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

06eb4d961e89f31ab44df87c04330550d19d6043ed8e3ea8af1fc7d083862fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:23 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 160
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Sun, 24 Nov 2019 21:27:04 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ddaf5a8-a0"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:23 GMT

GET
H/1.1 200
OK style.min_202008-20.css
www.philstar.com/css/ 47 KB
11 KB 2683ms
409ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/style.min_202008-20.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

36eb5acb67675e800747c6bcda0ce0f49664d91f339f51be54a3f34ac5035c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Tue, 09 Feb 2021 21:41:17 GMT
Server: nginx
ETag: W/"6023017d-bdc9"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H/1.1 200
OK style-desktop.min_202008-20.css
www.philstar.com/css/ 6 KB
3 KB 2184ms
403ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/style-desktop.min_202008-20.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

a6b21a9a9a0ce3f4b6c59d5fbc2a6938dfda97f14eedb613d8c5eb05c60f2c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 20 Aug 2020 21:45:04 GMT
Server: nginx
ETag: W/"5f3eeee0-18ae"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H/1.1 200
OK jquery-ui.min.css
www.philstar.com/css/ 29 KB
8 KB 1853ms
517ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/jquery-ui.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Sun, 10 Feb 2019 00:34:29 GMT
Server: nginx
ETag: W/"5c5f7195-75d3"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H2 200 share2_27.png
media.philstar.com/assets/ 707 B
1022 B 919ms
563ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/assets/share2_27.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 0f7c1f881dbc7ea2ca8e3259f7fb3b30bf33b2bbed61c3edcf79c60020e53273

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:22 GMT
last-modified: Thu, 02 Jan 2020 09:52:15 GMT
server: AkamaiGHost
etag: "34271c68ea22cf074b60bff429fc3dd7:1578036180.390341"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 707
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:22 GMT

GET
H2 200 share2_29.png
media.philstar.com/assets/ 575 B
891 B 1129ms
772ms Image
image/png 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/assets/share2_29.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 824a3bd54a03a9669afa5770f5d59576891eb96946ee26b339d951043ec46994

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:22 GMT
last-modified: Thu, 02 Jan 2020 09:52:45 GMT
server: AkamaiGHost
etag: "0db91102cb1889d53b1d14a33497833f:1578036179.935628"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 575
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:22 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.philstar.com/js/ 235 KB
64 KB 394ms
188ms Script
application/javascript 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/js/jquery-ui.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:01 GMT
Server: nginx
ETag: W/"5ac5b9f9-3ab2b"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H/1.1 200
OK jquery.history.js Show response
www.philstar.com/js/ 22 KB
7 KB 236ms
155ms Script
application/javascript 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/js/jquery.history.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

3eca2f7a428c7d60d1649538e4552740ce043df021e618b32943481689a8cfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:01 GMT
Server: nginx
ETag: W/"5ac5b9f9-5990"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H/1.1 200
OK java.min.js Show response
www.philstar.com/js/ 15 KB
5 KB 297ms
169ms Script
application/javascript 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/js/java.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

30ac246c79f2c87f50d3fd478cd07006dbcc02e61f0649294c525ee0d69155b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Mon, 17 Feb 2020 22:14:03 GMT
Server: nginx
ETag: W/"5e4b102b-3c72"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:20 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ 304 KB
304 KB 163ms
48ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3cc04095f6fb2b7e0dfac81b982c82be43fec209b73be42b99b8c7a314b9052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:07:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 17:31:34 GMT
server: sffe
age: 292225
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311032
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:07:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 230ms
0ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6506
date: Sun, 02 May 2021 09:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 02 May 2021 11:29:55 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 709ms
130ms Script
application/javascript 13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:58:57 GMT
via: 1.1 31a031d42a24d17f209d69933362ff3b.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: hzpUMfzUyWER2MmE3NdjkWXJpsiJb5kdC-oq-YSNU4FVTmeEv4QIbA==

GET
H2 200 XE2HG-7JMB7-G8PK7-FGR8K-V397H Show response
s.go-mpulse.net/boomerang/ Frame 8CB0 187 KB
47 KB 145ms
0ms Script
application/javascript 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/XE2HG-7JMB7-G8PK7-FGR8K-V397H
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:20 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 05:33:41 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 47928

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
23 KB 821ms
141ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: 7GleGeasptapwAOj9+iYYpvlaEpjjEvmWKQVu9GMblIugNTs7mdZdJ6tRKYb47/cW/yDALVB6VXinbg2VtdR1A==
x-frame-options: DENY
date: Sun, 02 May 2021 11:18:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 165 KB
39 KB 130ms
27ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/c65f4614dfc0196204b0f9505257c42b2d454846.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b09ad439ff485aba8b9d97edfa65dbbd75adfdb69912aca7337c824a78bf96

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Apr 2021 13:36:50 GMT
server: cloudflare
age: 480764
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
expires: Mon, 10 May 2021 11:18:20 GMT
cf-ray: 6490d929bf951782-FRA
cf-request-id: 09ce660e1000001782d48f3000000001
cf-bgj: minify

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 27 KB
8 KB 1251ms
0ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

9f397390b25fe6c222d12e0fc16e0fdb45b56c1e50eb7bcdc170f4021b329bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzWeBNjvAgEAAA==
date: Sun, 02 May 2021 11:18:22 GMT
content-encoding: br
etag: W/"607f5561-6d0b"
last-modified: Tue, 20 Apr 2021 22:27:45 GMT
server: CDN77-Turbo
x-77-nzt-ray: HG1MvQjDQ0U=
strict-transport-security: max-age=31536000
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
x-cache: HIT
x-age: 258
x-77-pop: frankfurtDE

GET
H/1.1 200
OK article.css
www.philstar.com/css/ 6 KB
2 KB 1856ms
267ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/article.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

3b22369cae5a85eb7cc8256622e6b2e5cad13c50549b7dd802d1e485ab6eb167

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1658
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Mon, 11 Jan 2021 21:52:04 GMT
Server: nginx
ETag: W/"5ffcc884-16ed"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H/1.1 200
OK owl.carousel.css
www.philstar.com/css/ 1 KB
2 KB 725ms
147ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/owl.carousel.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

3c0bce2f4ff5da53b1e66e336f9bbd5748bdbfcc669d3b262d1aebccc73b1ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; cookies=cook; visitor=y
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 1074
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Wed, 06 Jan 2021 21:45:11 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ff62f67-432"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H/1.1 200
OK owl.theme.css
www.philstar.com/css/ 1 KB
1 KB 706ms
192ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/owl.theme.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

c347861d38ccafeceaadb49821802b7994c0807c93d9fa0eadee4e07d8da5b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; cookies=cook; visitor=y
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 412
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Wed, 06 Jan 2021 21:45:10 GMT
Server: nginx
ETag: W/"5ff62f66-47c"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H/1.1 200
OK owl.transitions.css
www.philstar.com/css/ 3 KB
1 KB 441ms
189ms Stylesheet
text/css 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/css/owl.transitions.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

59117bc67cd3b680bdd88f26509d943ff9aba9204874d2b228a8f1c18d094784

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; cookies=cook; visitor=y; _ga=GA1.2.706397866.1619954304
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 560
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Wed, 06 Jan 2021 21:45:11 GMT
Server: nginx
ETag: W/"5ff62f67-d94"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 781ms
190ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

102fc03119b10efa5dc9050ad93bcfd89fb528d8c81457fc3ca2d21bb71ce24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ppk7FZaNz+RvndmXasiAtw==
cross-origin-resource-policy: cross-origin
expires: Sun, 02 May 2021 11:34:39 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: YTrXTPyxwLyLdUrKVn5fGnGKJqleTXUhyMwCn6lFuWyV49XsOBXhhI5hoVT+zxd/tR1KkbMZndOkGOR3wtv7uQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: bb1522881f83fa3f4247ae59dfd88296
date: Sun, 02 May 2021 11:18:22 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "28fd7da41f5b62c467acf223b36feccb"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 platform.js Show response
cdn.vuukle.com/ 110 KB
30 KB 1179ms
0ms Script
application/javascript 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/platform.js
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d02c77325c7736fddb623d6729520978ef5b7fbf2d20c2b0a3cbdc2a397f56b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 69551
cf-polished: origSize=112502
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce661763000096da1339f000000001
last-modified: Sat, 01 May 2021 15:58:07 GMT
server: cloudflare
etag: W/"608d7a8f-1b776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=691200
cf-ray: 6490d9389cdd96da-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 930ms
0ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:22 GMT

GET
H2 200 zd_w_s_loading.css
60a6ae725fca.bitsngo.net/content/ 907 B
666 B 699ms
0ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAF) / ASP.NET
Resource Hash: df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:23 GMT
content-encoding: gzip
etag: "05f7098b43cd71:0"
last-modified: Thu, 29 Apr 2021 05:00:38 GMT
server: ECAcc (frc/8FAF)
age: 279046
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 470

GET
H2 200 jquery.tap.min.js Show response
60a6ae725fca.bitsngo.net/common-scripts/ 2 KB
1 KB 426ms
0ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFE) / ASP.NET
Resource Hash: 3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:23 GMT
content-encoding: gzip
etag: "048c04943ad71:0"
last-modified: Mon, 26 Apr 2021 12:02:24 GMT
server: ECAcc (frc/8FFE)
age: 513898
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1130

GET
H2 200 zoomd.widget.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 37 KB
13 KB 563ms
0ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE8) / ASP.NET
Resource Hash: 6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:23 GMT
content-encoding: gzip
etag: "0e2c21cb53cd71:0"
last-modified: Thu, 29 Apr 2021 05:04:20 GMT
server: ECAcc (frc/8FE8)
age: 279046
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 12755

GET
H2 200 5e1420cc68a9ad001281e737.js Show response
buttons-config.sharethis.com/js/ 971 B
1 KB 726ms
0ms Script
text/javascript 2600:9000:2104:d200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5e1420cc68a9ad001281e737.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:d200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad024d33b1f500f3bc9c86f48760eef99532704de3474cf012b05f834f1d852f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 02 May 2021 11:18:23 GMT
via: 1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jan 2020 08:11:33 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "b16ae3cf55102960da0ca0215b83919d"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 971
x-amz-cf-id: Sebp3lbuz16wJiNNQapnwiva9qIJ65mXDKJyOsQfmkB1laozshfQhg==

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 8CB0 51 B
323 B 524ms
36ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=XE2HG-7JMB7-G8PK7-FGR8K-V397H&d=www.philstar.com&t=5399848&v=1.571.0&if=&sl=0&si=p99jldy4zl-NaN&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/XE2HG-7JMB7-G8PK7-FGR8K-V397H
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: de1d0e6831154c892bdcaa8ee9b684df41cec69a10640a740473000d49a0e7b1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 02 May 2021 11:18:23 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ 62 B
83 B 293ms
57ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:04:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 17:53:46 GMT
server: sffe
age: 216819
vary: Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
expires: Fri, 29 Apr 2022 23:04:44 GMT

GET
H2 200 newsletter_signup.css
media.philstar.com/assets/newsletter/signup/ 3 KB
3 KB 1188ms
950ms Stylesheet
text/css 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.philstar.com/assets/newsletter/signup/newsletter_signup.css
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: acb50104c4f8c09c8bbc9d36931eb6782745d067d18460a5fd4443bd70fca92e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:24 GMT
last-modified: Fri, 19 Feb 2021 13:01:10 GMT
server: AkamaiGHost
etag: "fa449bc60665db6f33ef08e66f4c8825:1613739676.442522"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 3018
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:24 GMT

POST
H/1.1 200
OK Cookie set update_views.php Show response
www.philstar.com/ 4 B
1 KB 529ms
182ms XHR
text/html 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/update_views.php

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

a4c3ed04a95a3da14a9d235c83d868bed7c0f45cf7f3faa751ee8f50598d2211

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.philstar.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Content-Length: 10
Pragma: no-cache
Host: www.philstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
Accept: */*
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/html; charset=utf8
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: cookies=cook; expires=Sun, 09-May-2021 11:18:24 GMT; path=/; HTTPOnly; Secure visitor=y; expires=Mon, 02-May-2022 11:18:24 GMT; path=/; HTTPOnly; Secure
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK jquery.jscroll.min.js Show response
www.philstar.com/js/ 4 KB
2 KB 527ms
170ms XHR
application/javascript 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/js/jquery.jscroll.min.js?_=1619954300123

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

fcf79f11ac06bf4a318d0e6e1304020fb4dded4801f8126217aa52747968ee4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 17 Jan 2019 09:20:03 GMT
Server: nginx
ETag: W/"5c4048c3-e45"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
www.philstar.com/js/ 23 KB
7 KB 525ms
168ms XHR
application/javascript 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.philstar.com/js/owl.carousel.min.js?_=1619954300124

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; visitor=n
Connection: keep-alive
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:01 GMT
Server: nginx
ETag: W/"5ac5b9f9-5d52"
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:24 GMT

GET
H3-29 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=signin2/exm=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ 11 KB
5 KB 337ms
149ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=signin2/exm=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3e99e02cad2cd57a9aab555e21ba1390e5a1f4deba308ac8a08da7b7a10f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 19:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 17:31:34 GMT
server: sffe
age: 403482
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4685
x-xss-protection: 0
expires: Wed, 27 Apr 2022 19:13:41 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 6CDB 2 KB
1 KB 531ms
0ms Document
text/html 2600:9000:2104:8600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Sun, 02 May 2021 10:49:17 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Z3OrG4EPvn3l938bn6-HSqsmF97GXiSsPJ-HTjlxh_LzLXC-Y07EPQ==
age: 1747

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 8F37 416 B
798 B 287ms
0ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1619954162.88629"
last-modified: Sun, 02 May 2021 10:54:42 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sun, 02 May 2021 11:18:24 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619954304~rv=39~id=3bae9841cd70e47c82b71edd215d13b4; path=/; Expires=Sun, 02 May 2021 11:18:24 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LnBoaWxzdGFyLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
461 B 446ms
47ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnBoaWxzdGFyLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:24 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=9251
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: e454a69dce3b66cd43a0f015b92053db
Content-Length: 15
Expires: Sun, 02 May 2021 13:52:35 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 449ms
0ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=9.366282528365849
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:24 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 01 Jun 2021 11:18:24 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 77ms
65ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=516027297&t=pageview&_s=1&dl=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&ul=en-us&de=UTF-8&dt=DOJ%3A%20Solgen%27s%20office%20looking%20into%20reported%20data%20breach%20%7C%20Philstar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=535372243&gjid=823314784&cid=706397866.1619954304&tid=UA-42723673-1&_gid=1685062422.1619954304&_r=1&_slc=1&z=1639250887

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
339 B 213ms
58ms Image
text/plain 13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8100059&ns__t=1619954304953&ns_c=UTF-8&cv=3.5&c8=DOJ%3A%20Solgen%27s%20office%20looking%20into%20reported%20data%20breach%20%7C%20Philstar.com&c7=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&c9=
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:25 GMT
via: 1.1 31a031d42a24d17f209d69933362ff3b.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: lVx0inD-9GjZbUxwZwNGqd-iTKcN68Do87ZTIDvfx83bX-HAzSpKwg==
x-cache: Miss from cloudfront

GET
H3-29 200 1894659447519136 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 180ms
130ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1894659447519136?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

107c7d3fb19c3c6f6b1b61b8466cb867b5d3b6010213a4cb8fda2a23034ab544

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: UqG0TmO6z5w94+M6rCMkEMUfMzhOv41Rsvq27TVxt66JNptTl41wsX61TWwRAER157hdzzz7sB5vIHyTAYGzrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sun, 02 May 2021 11:18:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 211 KB
62 KB 87ms
49ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4a0f2cdd0992e30f9d0f3da18a33797f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

778b2f41cbafa94cbeefe4ca0ed657d018f268db474e9d78a6f8813f2d04df31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.philstar.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p9JQJJ8/UvBORERK2zxJEQ==
cross-origin-resource-policy: cross-origin
expires: Mon, 02 May 2022 10:07:35 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 63631
x-fb-rlafr: 0
x-fb-debug: iCFCbwtycl+4a/7uxzKSWpDYcSquXCOqt7q+bv86+4EaWr1rtU4+iObLhkY4rNoTDu6VCOrYVvf8sO+JX8xnFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b2ef7b39c8e2f490531745e331d21cd5
date: Sun, 02 May 2021 11:18:25 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d3a04e22c2f81eb751161660b5a628ec"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 bq-publish Show response
publish.vuukle.com/ 0
433 B 3208ms
161ms XHR
text/plain 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$3d4d0d-2384-4f58-9c93-206ad481545b%22,%22hostname%22:%2275f932c6-b01d-490e-bae9-2a145b13e07d%22,%22pubdomain%22:%22philstar.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22cb9f2384-cc17-4e84-a09d-0be1a134c23e%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22DOJ:%20Solgens%20office%20looking%20into%20reported%20data%20breach%22,%22article_id%22:%222095356%22,%22hashed_article_url%22:%22https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://www.philstar.com
access-control-allow-credentials: true
cf-request-id: 09ce662c7a000063bf59290000000001
cf-ray: 6490d95a5e3463bf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1

GET
H3-29 200 philstar.com.json Show response
cdn.vuukle.com/ads/ 16 KB
2 KB 370ms
209ms XHR
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/ads/philstar.com.json
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e69708d67f5eb17d71a92f6ef0f56e96bd2e29b3040cc2db5902c3199d6c31

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 May 2021 11:18:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 01 May 2021 15:50:02 GMT
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag: W/"608d78aa-418c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cf-ray: 6490d95d0f300746-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce662e210000074657037000000001

GET
H2 200 prebid3.js Show response
cdn.vuukle.com/static/ 349 KB
96 KB 442ms
69ms Script
application/javascript 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/static/prebid3.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57633c7d26f5a8ff45750245d8c7a21a6031e9b98b97d33cc59c88a1ef3b425d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 162559
cf-polished: origSize=450097
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce66226c000096daff009000000001
last-modified: Fri, 30 Apr 2021 14:01:27 GMT
server: cloudflare
etag: W/"608c0db7-6de31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=259200
cf-ray: 6490d94a4c9096da-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 index.html Show response
cdn.vuukle.com/widgets/ Frame 8686 8 KB
3 KB 518ms
204ms Document
text/html 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/widgets/index.html?amp=false&apiKey=75f932c6-b01d-490e-bae9-2a145b13e07d&host=philstar.com&articleId=2095356&globalLang=en&img=https%3A%2F%2Fmedia.philstar.com%2Fphotos%2F2021%2F05%2F02%2Fjose-calida-solicitor-general2018-05-1518-46-41_2021-05-02_16-12-32.jpg&lang=en&title=DOJ%3A%20Solgen%27s%20office%20looking%20into%20reported%20data%20breach&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744&emotesEnabled=true&d=false&l_d=false&totWideImg=false&link=https%3A%2F%2F%5Burl%5D&hideArticles=false&maxChars=3000&gr=false&hideCommentBox=false&hideCommentBoxWithButton=false&hideCommentsWidget=false&wpSync=false&isCustomText=false
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d65f6f55c2c499218627e41eba6e81e5cb3d92c5aa0e5e348dae473ff695deb

Request headers

:method: GET
:authority: cdn.vuukle.com
:scheme: https
:path: /widgets/index.html?amp=false&apiKey=75f932c6-b01d-490e-bae9-2a145b13e07d&host=philstar.com&articleId=2095356&globalLang=en&img=https%3A%2F%2Fmedia.philstar.com%2Fphotos%2F2021%2F05%2F02%2Fjose-calida-solicitor-general2018-05-1518-46-41_2021-05-02_16-12-32.jpg&lang=en&title=DOJ%3A%20Solgen%27s%20office%20looking%20into%20reported%20data%20breach&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744&emotesEnabled=true&d=false&l_d=false&totWideImg=false&link=https%3A%2F%2F%5Burl%5D&hideArticles=false&maxChars=3000&gr=false&hideCommentBox=false&hideCommentBoxWithButton=false&hideCommentsWidget=false&wpSync=false&isCustomText=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:27 GMT
content-type: text/html
set-cookie: __cfduid=daf09f4fd4e0cd292f04a435d972eb6df1619954307; expires=Tue, 01-Jun-21 11:18:27 GMT; path=/; domain=.vuukle.com; HttpOnly; SameSite=Lax
last-modified: Wed, 28 Apr 2021 11:21:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=259200
cf-cache-status: MISS
cf-request-id: 09ce662a78000096da1fbd5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6490d95729a496da-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK loader.gif
www.philstar.com/images/Home/ 54 KB
55 KB 318ms
301ms Image
image/gif 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/Home/loader.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

2177facbb4a68594d9eefff6fb10f48f03f19fb90dcc1e2f69edf90889f4b109

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; cookies=cook; visitor=y; _ga=GA1.2.706397866.1619954304; _gid=GA1.2.1685062422.1619954304; _gat=1; uid-s=53d4d0d-2384-4f58-9c93-206ad481545b; vsid=cb9f2384-cc17-4e84-a09d-0be1a134c23e
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:25 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 55605
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:12 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba04-d935"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:25 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 49 KB
20 KB 2689ms
0ms Script
text/javascript 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: BunnyCDN-DE1-722 /
Resource Hash: 4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:28 GMT
content-encoding: br
cdn-edgestorageid: 632
cdn-cachedat: 2021-05-02 13:07:04
cdn-pullzone: 62714
cheq_headers_order: Content-Type Cache-Control Expires Etag Date Connection Content-Length
server: BunnyCDN-DE1-722
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-requestid: 954049015b94e63481aecc25040fd9e8
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 63ms
26ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 62ms
26ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 213 KB
32 KB 806ms
801ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1031249435209966&correlator=2352716153739453&output=ldjh&impl=fifs&eid=31060923%2C31060939&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210502&iu_parts=1015401%2CPStar_Headlines_LeaderboardAd_728x90%2CPStar_Headlines_Medallion1_300x250%2CPStar_Headlines_Medallion_300x250%2CHeadlines_Skinning_Left%2CHeadlines_Skinning_Right%2CMobile_Interstitial%2Cpstar_headlines%2CPStar_Headlines_Article_300x250%2CPSTAR_Headlines_Leaderboard-InArticle%2CPSTAR_Outstream_Headlines&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=970x250%7C970x90%7C728x90%2C300x600%7C300x250%7C160x600%2C300x600%7C300x250%7C160x600%2C160x600%2C160x600%2C1x1%2C300x250%7C336x280%2C600x250%7C600x100%7C468x60%7C336x280%7C300x250%2C300x250%7C336x280%7C1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1619954306&dt=1619954306011&dlt=1619954299521&idt=6233&frm=20&biw=1600&bih=1200&oid=3&adxs=273%2C650%2C650%2C-985%2C0%2C800%2C650%2C500%2C650&adys=1349%2C7268%2C8576%2C20%2C620%2C11163%2C2767%2C3585%2C2425&adks=1363492021%2C1770137171%2C631293762%2C3851023446%2C868786206%2C3311988707%2C2236800450%2C2941060358%2C548491182&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1055x280%7C1600x600%7C1600x600%7C2585x600%7C2585x600%7C1600x11163%7C1600x250%7C1600x250%7C1600x250&msz=1055x250%7C1600x600%7C1600x600%7C2585x600%7C2585x600%7C1600x1%7C1600x250%7C1600x250%7C1600x250&ga_vid=706397866.1619954304&ga_sid=1619954306&ga_hid=516027297&ga_fc=false&fws=1024%2C1024%2C1024%2C1024%2C1024%2C1024%2C1024%2C1024%2C1024&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

21ea39dd7c25c2f3ee69f870533bd3a26ad860dc10118b16f0b20f585712c020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33130
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5677270987,5677905968,5382498872,5313385148,5381166958,4748033170
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138347630280,138348058849,138312557955,138326579498,138312849691,138326005020
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.philstar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3c737d6f5a7d38bc7f689be660bd9ec1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 1127ms
40ms Other
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3c737d6f5a7d38bc7f689be660bd9ec1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 808ms
56ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 uuid.min.js Show response
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 2 KB
1 KB 51ms
2ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1746054
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1095
cf-request-id: 09ce6624b900004d844017b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1wKUCUg2aQKfid3Bb028bEUEaHEVdmwpMupuTCJ8vpX136wfZeeYSiz2W9P%2BMTGUteROZWrddpw5a34mmpEoe1EWXI%2F6F3UqatKudfg6t0vcnbGy2eP71rZvLWhzM5rswA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6490d94deac94d84-FRA
expires: Fri, 22 Apr 2022 11:18:26 GMT

GET
H/1.1 200
OK burger.png
www.philstar.com/images/ 107 B
920 B 161ms
160ms Image
image/png 184.95.61.50
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.philstar.com/images/burger.png

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/css/style.min_202008-20.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.95.61.50 , United States, ASN20454 (SSASN2, US),

Reverse DNS

Software

nginx /

Resource Hash

4e8f73a3f8ef501451c378907d4817b002845b355e8d666d6c4e73d067339671

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.philstar.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: PHPSESSID=9eq3hpq54v67o290sgpoc20ll5; oreo=efyrrhbu41yyfj5qf3p8wvhkjbc9nxeilx82p7vhyjpvlv2ti; cookies=cook; visitor=y; _ga=GA1.2.706397866.1619954304; _gid=GA1.2.1685062422.1619954304; _gat=1; uid-s=53d4d0d-2384-4f58-9c93-206ad481545b; vsid=cb9f2384-cc17-4e84-a09d-0be1a134c23e
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:26 GMT
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 107
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Apr 2018 05:54:24 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://cms.philstar.com/ ALLOW-FROM https://www.philstar.com/ ALLOW-FROM http://www.interaksyon.com/
ETag: "5ac5ba10-6b"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: max-age=21600, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=2
Expires: Sun, 02 May 2021 17:18:26 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 20ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/css/fonts.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.philstar.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:56:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 199297
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:56:49 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 19ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/css/fonts.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.philstar.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 4488
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 19ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/css/fonts.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.philstar.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:57:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 199283
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:57:03 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 45ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/css/fonts.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.philstar.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 4488
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 1682ms
101ms XHR
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1619954306781&sessionId=32d6e1af-d252-e3e3-f175-03156fd02640&url=www.philstar.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 11:18:28 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d5aee16afeb06492df27424e4b5e4727
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 26 KB
10 KB 1676ms
249ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744&idx=0&rand=97127&key=NANOWDGT01&widgetJSId=GS_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=32d6e1af-d252-e3e3-f175-03156fd02640&fdu=www.philstar.com&px=309&py=4761&vpd=3561&cw=638&settings=true&recs=true&version=2000324&sig=G5Ws7TiA&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 938b7a54d31bdd7eabc658b883fdff30caffbec4b3525d42e2272db3ed802d3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:28 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.39
x-cache-hits: 0, 0
x-traceid: f3b81bd8abb3cf438b1a1b8ee007bda2
content-encoding: gzip
content-length: 9695
x-served-by: cache-mdw17339-MDW, cache-fra19151-FRA
x-timer: S1619954308.243359,VS0,VE339
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 29A6 513 B
636 B 87ms
42ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa146c857e44f47f2a55d02494c4f766db5d906ef1fc403cd30c070c01a4d7b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7fxJjVSJJ0IxFUdog/jrdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=214=qq1D2UNb5kenYK1Psf-RQA4VhepRHLX3Cii2qlruuHTfSJsqXYAIiyu3eY6z4XJ4DgwUv6JbO83mUkcGGVYla6JRHGcuP_ApJreX_jhRQEPeHhQ3iCfT7yjihuudyg8p1rX_UUCBq3AkAihII6UgfZ06QIAaEmbSnmo54TyVFGk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 02 May 2021 11:18:27 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-7fxJjVSJJ0IxFUdog/jrdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amang-rodriguez-hospital-marikina_2021-03-30_21-26-4828_tn.jpg
media.philstar.com/photos/2021/03/30/ 24 KB
24 KB 756ms
755ms Image
image/jpeg 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/photos/2021/03/30/amang-rodriguez-hospital-marikina_2021-03-30_21-26-4828_tn.jpg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 231cd86d1cf917a85fbfc28b15641400cacb665cf96fc1961d6ea53c1b405c7e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:27 GMT
last-modified: Tue, 30 Mar 2021 13:27:48 GMT
server: AkamaiGHost
etag: "1ca30f50739e34a37a03ef89f4aaa143:1617110868.410428"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 24266
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:27 GMT

GET
H2 200 hospital_2021-03-17_22-06-07261_tn.jpg
media.philstar.com/photos/2021/03/17/ 16 KB
16 KB 43ms
42ms Image
image/jpeg 104.126.37.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.philstar.com/photos/2021/03/17/hospital_2021-03-17_22-06-07261_tn.jpg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: e2e79eaef827a5b999616cdf1ae3e9a6c946f8c8c566fea2a66c1d8b8b52a9cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:27 GMT
last-modified: Wed, 17 Mar 2021 14:07:54 GMT
server: AkamaiGHost
etag: "4f495e24540938f122ea8d35209f36bc:1615990074.049164"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: false
content-length: 16026
accept-ranges: bytes
access-control-allow-headers: *
mime-version: 1.0
expires: Sun, 02 May 2021 11:18:27 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
680 B 1083ms
0ms Image
image/svg+xml 2600:9000:20c8:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 10 Apr 2021 10:28:41 GMT
via: 1.1 a72068a5d77ecba7daccda339a668499.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1903788
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: FhTvQvLMEqeTFXVqp7f1dmkxWtzTNw5hfaAXaHHlQI-CNk0xNFOyWA==

GET
H2 200 messenger.svg
platform-cdn.sharethis.com/img/ 372 B
751 B 1126ms
0ms Image
image/svg+xml 2600:9000:20c8:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/messenger.svg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 06 Apr 2021 22:47:03 GMT
via: 1.1 a72068a5d77ecba7daccda339a668499.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2205086
etag: "a5aa43fa302867d3e888ac2f69b7b288"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 372
x-amz-cf-id: ev9by47HEiGjIoj_YPjy71yJu1tNOa5om4hvsckZvQ84FJAJQmSRug==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 1126ms
0ms Image
image/svg+xml 2600:9000:20c8:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 18 Apr 2021 08:42:39 GMT
via: 1.1 a72068a5d77ecba7daccda339a668499.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1218950
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: g_b5d5-sVYqRMxGhHKVUgHxetK0TPUsLuSefx0ZJe5tGHyzrp00jxA==

OPTIONS
H3-29 204 philstar.com.json
cdn.vuukle.com/ads/ Frame 0
0 3148ms
292ms Preflight 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/ads/philstar.com.json
Protocol: H3-29
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.philstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 02 May 2021 11:18:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-request-id: 09ce662c20000007460c3e2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6490d959cfcb0746-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 19ms
17ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-42723673-1&cid=706397866.1619954304&jid=535372243&gjid=823314784&_gid=1685062422.1619954304&_u=IEBAAEAAAAAAAC~&z=1034074918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 02 May 2021 11:18:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 37ms
19ms Image
image/gif 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1894659447519136&ev=PageView&dl=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&rl=&if=false&ts=1619954307673&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619954307669.13105419&it=1619954304990&coo=false&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 02 May 2021 11:18:27 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 665A 190 KB
55 KB 608ms
0ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420479
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 665A 12 KB
5 KB 668ms
122ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420479
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 665A 87 KB
27 KB 524ms
4ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420479
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 665A 27 KB
9 KB 591ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420479
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 665A 40 KB
13 KB 600ms
82ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420479
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
DATA 200
OK truncated
/ Frame 665A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7adb4550aebd815ad2191c2d641a1786ef17b0df38b0d0504b568859751d43c0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15568870889694092240
tpc.googlesyndication.com/daca_images/simgad/ Frame 665A 130 KB
130 KB 358ms
0ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15568870889694092240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1533bdcee401a95b88bb993db9eb843f5bfbf205e0c849216a7cf21a763713a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 03:07:50 GMT
x-content-type-options: nosniff
age: 288638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132819
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 19:25:12 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 03:07:50 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 665A 2 KB
3 KB 324ms
0ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 665A 295 B
319 B 270ms
56ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22471
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 03 May 2021 05:03:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 665A 0
0 382ms
0ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRajRt2ZRZoxkNAUP-s_bax7fyk5_wrXj5jDNXw3e7lM02-hzfKC-DmdiA6g-HAkXkJYN291TJ8TPOeUzudM3_izpaDtg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 665A 0
0 362ms
121ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CL62VgoqOYKH5Dcirx_APlpWEqAnWtrS3YoX7wJyGDb_hHhABIMOF_i1gkYSThfwXoAHtxYvhA8gBAqkCDkyD0ocqtD7gAgCoAwHIAwiqBNcDT9A3C-xxOfstSCqdtGXG_cRcCRGih-a1QRHJ-TUUf26wCBOsp133XyaNI3caX8JQe4VDvqGJ61mzMItNzarNU5yyjVfRuUN_5h95MWFM1pqNIIhapMftyAMAPUzD2UYaxZ0NB9oeaRL7cLPmq1lVFw0F3_StGqdvasmZDij25eA7hutfmf77w82RPJHo51uLDUbXnjOQHbozxsKBpQ_UHKtVb-J7CpMtAPv5hoT6h2G4CweirCIacsHu_hulKatSrorBEoIv2FhDeytaoyNrdGrXmex03ZldgVCbblfnyVCnUUP_Czsu42B0fN3lSU9vIlN9Gq6ytaZ-m1MpgO-TMgGgX84yVAoHYoSNFyEdZ6j5aJfC_ex9gFZkaOWhWUQ5u8rw-dJ8Mf9cypE3NQAdQrjYk2FoHk5IUazNo4QvSiBMFReyJbtzPKtuJ6Oge2o8GF0iUjUcIv50DCQFWhi-KO0xsNoBaSqgepjp2mUsERRXWpDIcQ5lIJFH9183LPpwT1mz4lbzF4AUIz9XRzVqnjh0hEofJwONqLK3SxVE_iPPMZt3O9FhUfipXRMx-3iOhdGjxsSoy3fGJUZiiugtqQ1P1vve4gZknYmjv2-3znovxIpymah6wATG_vTnkAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH89GZL6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDqyBbSCAkIgOGAEBABGB2ACgPICwHYEwyyFxoKGAgAEhRwdWItMjE1ODU5MDIzMjY1MTYzMw&sigh=vu8yUOt2GUQ
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 396ms
19ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-42723673-1&cid=706397866.1619954304&jid=535372243&_u=IEBAAEAAAAAAAC~&z=1334171430

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 324ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-42723673-1&cid=706397866.1619954304&jid=535372243&_u=IEBAAEAAAAAAAC~&z=1334171430

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

rd
l.sharethis.mgr.consensu.org/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=www.philstar.com&location=%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach&product=inline-share-buttons&u...
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fl.sharethis.com%2Fpview%3Fcms%3Dsop%26description%3DThe%2BOffice%2Bof%2Bthe%2BSolicitor%2BGeneral%2Bis%2Blooking%2Binto%2Ba%2Breported%2Bd...

0
0

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 8F37 610 B
992 B 301ms
23ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1619954163.618632"
last-modified: Sun, 02 May 2021 10:54:42 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sun, 02 May 2021 11:18:28 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619954308~rv=26~id=fea639ddc5a61cd4cbed163f24f71c2e; path=/; Expires=Sun, 02 May 2021 11:18:28 GMT; Secure; SameSite=None

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 377 B
1 KB 75ms
28ms Fetch
application/json 2606:4700:20::ac43:46e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc90a3635fbad206033aece40586372df3885b9288665c3bce9dcae328a9c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce66310000004eaac7bf3000000001
x-request-id: 176ed2eccac34b79dd4cb9ba00a624ea-AMS
x-geojs-location: AMS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z8QwJ59zmUTvNARGergzRxi9jVKEcr%2BHruCh51tBGeMPTA%2F6tT07i4Fenm%2Bptxc6fu7BuNl2gO4J9kEVMtxLssJW2JE2bvLGtBUj2fUM547tJ6MhaQaVYSU%3D"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 6490d9619dc74eaa-FRA

GET
H3-29 200 philstar.com.json Show response
cdn.vuukle.com/ads/ 16 KB
2 KB 201ms
193ms Fetch
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/ads/philstar.com.json
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e69708d67f5eb17d71a92f6ef0f56e96bd2e29b3040cc2db5902c3199d6c31

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 01 May 2021 15:50:02 GMT
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag: W/"608d78aa-418c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cf-ray: 6490d96169760746-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce6630dd00000746c72c7000000001

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 1612 190 KB
54 KB 126ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1612 12 KB
4 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1612 87 KB
27 KB 80ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1612 27 KB
9 KB 164ms
100ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1612 40 KB
13 KB 197ms
139ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1612 2 KB
2 KB 66ms
29ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26353
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1612 295 B
319 B 130ms
75ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22472
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 03 May 2021 05:03:57 GMT

GET
DATA 200
OK truncated
/ Frame 1612 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d295cbe94c0eae1608d31cffcfb60da6a4d4dfde42f1f71b251f7cc265c5055

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame D650 190 KB
54 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D650 12 KB
4 KB 80ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D650 87 KB
27 KB 81ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D650 27 KB
9 KB 93ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D650 40 KB
13 KB 93ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D650 4 KB
695 B 4159ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 May 2021 11:08:11 GMT
server: ESF
date: Sun, 02 May 2021 11:18:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D650 4 KB
695 B 4157ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 May 2021 10:12:41 GMT
server: ESF
date: Sun, 02 May 2021 11:18:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D650 2 KB
2 KB 170ms
61ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26353
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D650 295 B
319 B 87ms
59ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22472
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 03 May 2021 05:03:57 GMT

GET
DATA 200
OK truncated
/ Frame D650 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55df090dcb693f9306078ca11fc84514a5f487fedfd8534dfa0f7121b36f5190

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D3F5 0
0 298ms
146ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0KZUvah_ieoRbQiTJSp_rEjxgcRzqSvBcwlussb8ui5Pb1cIx7GeJBY0ejmPBXWHUZeKSLzDf0YK50RBXTohLJ-aobJSWwBFha0jf4UskJFJHrCN8QWtODT6LfkwIkFcHDa5x41o9_SGIObTtci5WZgXIt9Y9WUxHHiSvd87Ng59sIq6T8nCBL6E7BhQ9RcIfSZLM_MfcS3xi8G-M80_KuI6Py1Eqip-jJ0eE0t6SYbdHsQPg70s463RY1Z300-mTPONwCDPM6ipV82VbBvKh6D8aeH7MnL3-NkXeFCcxMejI090lflMecCxy&sig=Cg0ArKJSzEDkl9tnusVoEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame D3F5 2 KB
1 KB 275ms
101ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 May 2021 11:13:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3F5 116 KB
35 KB 4231ms
0ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D3F5 0
0 274ms
74ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP26s5uqlLul7uXoqavxXOUSEYDz8o6JxkLYhnC1bccud6AQlg3cUHav-kSQTZz5iL8AVk4Iwv9P9fHNoM8VzfN0oIPA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 13022900363265684164
tpc.googlesyndication.com/simgad/ Frame D3F5 142 KB
142 KB 372ms
172ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13022900363265684164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e66cb323ba822e8ba3b18981d3acf5395b581528bc15e62695d0aa060fb5bbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:14:07 GMT
x-content-type-options: nosniff
age: 443063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145266
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:44:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 08:14:07 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BCDF 0
0 249ms
120ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw_vkJw-HfNnitEQQ2LTqtmTImkN_x_CwEvn0GyaMbFH_KrE-cl0QzNIiuDfBV5jLgQXBpb2wLz5ImcSyMcIFVcnW0g6ijTSkvNbNnp0o4v2xSFVPTg2x0PSuax4_fn9ejq8tZaoGbTOVSzcwC-95FE6FTOeS8_OG3oERk0YxfMZDhKu_MJf_xG3N9YKQnft3_K7XlzqYjR4PW_Ms_BXJrY9ilfmPwjRsktwthteaXItu_7dI8WYTakY0b1YqiQDNyUwJwj-tMaP-UysMTztfjJ-Hc12ykNtFDKa9DDZiYSTU9TJxCKEIyHDLaTw&sig=Cg0ArKJSzBgL_kA6RuLSEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame BCDF 2 KB
1 KB 270ms
167ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 May 2021 11:13:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCDF 116 KB
35 KB 4185ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame BCDF 0
0 571ms
303ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQr3vOc0HA7gTagKLOxt0Giy44Jal7BEMInl1tMG2DYEyA8A4FXqb6QoGxer3-x1p8snd2xPRI4cZdRuLdExI0Dpjl_Lw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 7735008920498140779
tpc.googlesyndication.com/simgad/ Frame BCDF 147 KB
147 KB 598ms
169ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7735008920498140779

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8392718463558d3409df1ba47a9a37fa8fe45b437ca1a06f4bdc3d99a77c4bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:14:07 GMT
x-content-type-options: nosniff
age: 443063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150136
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 06:49:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 08:14:07 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B85 0
0 401ms
244ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPEp5_eB5RDjKIJFCGLbgp0C8_oTrU8-edCj2s36vYW5g-_Crqci8DTv1r_L-Joax80ckTZjtjTtIcWAMBhmmCdRB4xiEPOnGissLChVk87O4BmeWsyeOIDbWe8PVmu_ckEENC1WYSD5ZeyU128rQ0b0P7ENhaUDiQ2ZyxmcqvMBEI_cmnPiKLsg4XEuhD1i_ZLTEHoOwi2lxSnVDgczVB7pdCZms_c_ku8w8x9rFutBqybOjJ54DRsVutKzH3E1zlHyu9ZqrUoW45cfuEybtwlRxyILkOAoWkANxFJl4cfVMRbDEH4mAqUajRZqH4KsXXqTVxeje5q__zfGIvP6lD0FYnI2HrcJ_iYhDGv3Kp0k7WZ_y_Ew&sig=Cg0ArKJSzFNJF6gcE9gKEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ftags.php Show response
adsuite.adsparc.net/includes/ads/ 12 KB
4 KB 9510ms
110ms Script
application/javascript 3.208.237.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adsuite.adsparc.net/includes/ads/ftags.php?pubId=23&tagId=341
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.237.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-237-232.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 177db5b813032e959e473481e7f39c2c98acb9ea6f0612d75180bfd0a58dae53

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:39 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-length: 3452
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B85 116 KB
35 KB 4117ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA81 0
0 517ms
354ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWl4pjdCrE4-jCH70415cYmb0_d6dCA98co6PZ-9AWCCNDqGyTTxwlk2MnjtaCZNU0ApEspupUSPshTdih_PCAhj06OE2bkiq_1lF1-CDUTLiMXGuK_5Sz8FaxAbcuqxRHhoBM_xptCiac32R9rpiMqdZR9FhewG0QAULnJ76-gSdTn0UCOQdYievNLiMk3XVVwNvxUeLZidxtYu3ojsz5pYTbMfvZhWz1x8JOvQygIvRfJSRTl8DPKVZGRul6liwYvVZsEzkojDCctjSkubHuNGv4vMsLZMYZPpV8rCTkmMR8VbfOoclgGMN87wRN5KoSuuYTV8c4QIehAyRlKev_ZxHhZg&sig=Cg0ArKJSzE2RMoCaLwtdEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK Philstar.com_Desktop_IBV_336x280_DFP_Rev70_0410_18.Js Show response
play.vidcrunch.com/5b59760c073ef46a2e6b8f13/5d970b5328a06104341b4d17/ Frame EA81 5 KB
3 KB 7969ms
131ms Script
text/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.vidcrunch.com/5b59760c073ef46a2e6b8f13/5d970b5328a06104341b4d17/Philstar.com_Desktop_IBV_336x280_DFP_Rev70_0410_18.Js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: dbc1397125f8ae876f3b740d568ce55631c623131e0018581e96b06bfbf2117b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:38 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-UxfWs25nL2lsfxrABdjdvp_5vhOT8EI7m8D3WqaSkqCnV6ODBCGTRLs1W9kTLQOUNi1NKUKZcQ7YLpMZtxeE3JOEeXXog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2028
Last-Modified: Wed, 21 Apr 2021 08:39:08 GMT
Server: UploadServer
ETag: "8d77163ed56807c7b8a23537b8925f08"
Vary: Accept-Encoding
x-goog-hash: crc32c=ZgDV6A==
x-goog-generation: 1618994348466153
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 5588
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Sun, 02 May 2021 11:48:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA81 116 KB
35 KB 4093ms
28ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A23 0
0 503ms
288ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKHITE3qFZ03WHU0YXjwRug7wSdfj1nLn-bNqD2baWoDHyqjvr3Rag7LyRRKB4AACjsKfX9uwYpi8ihAJzzdDEphwki2bRZwg8KciqjZOSbDs_pCzZjvWumovHKSHJLrChmXOaNrv_cJxdtTrrKyQ3cMhgsLjd68FZVMYlhb3IZndKEZbpxW9A_BM7jbCFZ8yZynKvMzgZWmPCVLsaymPifDOXybBbibnkZGDf34bRYqOfKJNKR1R_aEd5wwOtm-NFwyyYfjYWb_9HkuQXuBFI-hRzSUp592F6nXGDMS8XVvZfAiahfsKFGJ31KKAC9QbdnHfsUF0o2wlThN__q4w1OglTR8vhVaf0HM9uHzkYRbSzsTYq2LXS&sig=Cg0ArKJSzPe3FEc667ulEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 1588580435555250.js Show response
adsparc.bbvms.com/p/philstar_com_instream/l/ Frame 0A23 157 KB
26 KB 9773ms
463ms Script
text/javascript 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsparc.bbvms.com/p/philstar_com_instream/l/1588580435555250.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4fd7cb3a575d35bf5192fce123f8936011a270848b3ecab277d441ff8f66c316

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ovp-host: vms-prod-frontend-spot-10-1-19-22
date: Sun, 02 May 2021 11:18:39 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: AMS1-C1
vary: Host,Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: public,max-age=90
content-type: text/javascript;charset=UTF-8
content-length: 26353
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
x-amz-cf-id: DHfkmr75xoljRUIiR6ICGhypWEprNZbipC35F1Q3E4P5_FdXL6tgPw==
expires: Sun, 02 May 2021 11:20:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A23 116 KB
35 KB 4051ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A64B 0
0 507ms
190ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOPeV6lcVI0aEl4LZ36gFRT1UW6ZfAvQtc09IIzEQBrOjMGJFYI8bZQHpkb4fV_4WXwOF7Cy6Ja6subO6oDVOsI1xU4dkPvgUDMcB9TAAjnCRcG6emgiBlrlmjRVDkHvAOibTgjH0QMuq2iQGM1NM08V6tiN2HshYgHVopW9QsECSn2i2kjye8rzUmDCNYUhbZdUA-S2yExMoZtO7jzVdidDycX1gX6bc-X4zaQoCuB26ZU89sIZ5AFfh1Kgz9KdZNLXtCLOUGRGxT4-rFBTK3UFY7DDTTlsIKsQY9MI0yD-MxWuGgA2xOTJItPm_gXP_P5NnQQRjLvwlLkA&sig=Cg0ArKJSzFjJ5uSrgnh9EAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tag Show response
a.teads.tv/page/31589/ Frame A64B 5 KB
1 KB 9309ms
94ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/31589/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 164e58d92ad3bce30a426090d0e62461519b7966b683882cefaf6c09055bdba9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 1143
expires: Sun, 02 May 2021 12:18:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A64B 116 KB
35 KB 4029ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H3-29 200 15815992080929626402
tpc.googlesyndication.com/simgad/ Frame 1612 103 KB
103 KB 613ms
70ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15815992080929626402?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmBCJbYo1CWf4qgvSoaLRIHGxLFUQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bf71e8784085e97670dcd2b61ba4e1a1ee30495be5259614823dda1181a6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:57:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 11:22:08 GMT
server: sffe
age: 242468
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105054
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:57:22 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1612 0
0 585ms
63ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8hjzzbOWeJo-O41vse926hvcNxNTTk0ROy31D3-XQvdJ6JA1GOZq6hVMMfx7305rC3PgOfTGyBDEdmujrHiDXpYFmIQ
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1612 0
0 764ms
243ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3s4YgoqOYKL5Dcirx_APlpWEqAnI24vAYsbFlPe3DYfgor3AARABIMOF_i1gkYSThfwXoAGHoqncAsgBAuACAKgDAcgDCKoE2QNP0HOAerlP2w24IoQg84AkC9AmGdGtPQ12HHdEpyQdbI4AKT80QgROnMy-6-ABrb_gz1qKxDqZV5cIn4lEP8qlPp_WwLgo6QsRQqAxt-Z1-y5hTji8e6ZXucIEjZ4jXKpXCXnLFCMkWcNBQ3CC5P5a8-PIuYTzoyZYPCQl2IDW1cRGoRxyWQEtxUswNz-qOGJsDVrT4NpI_E7HcJfaHsDjFQ2Hr8R4aDYEltokbOrpgATM1ddHeWLJYpwQXxcXSq7Aj8h8Wz6xy-OmTFKUp-Uu6_eJ7Xs_RDe52O6DURYFwPsRVI0BwIJS56xGIs363rsuE_i102mQRMqwfTe6esczSSUkQEMsS-9kz0mfSl_4bk8Ce-DYxIB3hM0jwfMgIoHtbGxgXqmESlC_YSbt1JmMj-W_in6Iuj3seC8fomZcug_r_poPcBtTLW1z9NC0zDXmLIOR5U5AKTadfZtURH27ITnuHzsWxIAcPke101Q-9QIadrfqyYY5o44ZVAe3Eueaw1V__Bgx0-3c2bXRdlMeS4zvJAqPEBaQOWT7RAi1FGFxyByQC0ryV_aiHj47zeCn3uAv_MJccqQqr-MmuzwrcMyS0yvVf_X_8CPzVhZ_kW3wwbG8lY7iTcAEyN3zzsAD4AQBkgUECAQYAZIFBAgFGASgBgKAB8Tnv94BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEImAJdIICQiA4YAQEAEYHYAKA8gLAdgTDLIXGgoYCAASFHB1Yi0yMTU4NTkwMjMyNjUxNjMz&sigh=-WnNo12RAS0
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6748083974789115151/ Frame D650 48 KB
48 KB 613ms
70ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6748083974789115151/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4ql8PO7MW0gbHuT2Jfl_7hZlARKxHg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46202ea7f0c1c84d97ee305aa96bce96bfeb7e3a2a286ff714e4c774fc98323b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 03:10:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 11:29:04 GMT
server: sffe
age: 288470
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49349
x-xss-protection: 0
expires: Fri, 29 Apr 2022 03:10:40 GMT

GET
H3-29 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame D650 1 KB
755 B 776ms
254ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 21:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 21:36:48 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D650 0
0 768ms
247ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClglCgoqOYKP5Dcirx_APlpWEqAmQ5t2VYtKMrPvrDbndkfeBIxABIMOF_i1gkYSThfwXoAHpituaAsgBBqkCDkyD0ocqtD7gAgCoAwHIAwqqBNwDT9AIdVfzxrXxYtwAwyT0ifeRqiNCnZfuI6Z1a3xEJ_gM-nls6Mc-mBLbNpnK3PxuDzZY43IfJKj6e3Z3ktst-gpB_-aj_791IUpb4QAkI58xpWkw4I4H9gbbQIrZ1Ar9PhGW83Mz7tKvjIy5sWTbf-A_n5FiOPi-DPmqmfyFmBYcFSR4JdGISPn1ls55yrGvwR-pwNKx6WGRqbSXGRRHdzeSt0PqODkCQVFWTqab5wpKaTR_4FgSlyApLfQJ7eT0PL03v_wroU8DlCKwQ1Gtm7TtoClgl5fqTQkX-CJzNWyux-kw5FPFBxpK43TRF3nSSNMUkokrbQf3xrxXcymb79HLpL9ntpmO6UUctEHIanc7EAHBBZgfs95aJIlOJ7mJNtwvophJDeOZN7Pb35vf4yF9U74TDNSBEHUvoJwl25HIwZ5i4WFzDn5jaBM3OF6RUmEpixTNZJZ14O6Ly5ZucX0Foovt5WaiOt_87a99STrAOZdVcF-77bLBW8SgcbEPM9XbbgNp8Xw8rZCClwShC9ivhiv2iEBQYd8jmmWfuJSr0Qgu6qIoL3o0R-8DI65I2wk9BN31fFdhK3udZA3GjR-nOl5YD_C6JlKVFN1a4Zz2-7_pcKTHiKkLejvABP7Pi4G1A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAf_9KTlAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCptRHSCAkIgOGAEBABGB2ACgPICwHYEwyYFgGyFxoKGAgAEhRwdWItMjE1ODU5MDIzMjY1MTYzMw&sigh=6yPZT_Gq8-k&template_id=492
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 3926ms
0ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H2 200 zoomd.widget.logger.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 9 KB
4 KB 295ms
0ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE4) / ASP.NET
Resource Hash: c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:30 GMT
content-encoding: gzip
etag: "0ff41db53cd71:0"
last-modified: Thu, 29 Apr 2021 05:04:22 GMT
server: ECAcc (frc/8FE4)
age: 279052
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 4104

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 259ms
76ms Ping
text/plain 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarysNmipZtoPvhuhTWe

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 02 May 2021 11:18:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.philstar.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 status
www.facebook.com/x/oauth/ 0
0 184ms
87ms Fetch
text/plain 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1775905922621109&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4a0f2cdd0992e30f9d0f3da18a33797f&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ZJWcAXXa/z0JZtwX4GIcysC6CNzS5QOo+Dx4WYJBuQYUHhMySkbAJeyqoNnt2+Ak6yPdq41U1SmpTQSoVDUMuA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 02 May 2021 11:18:31 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.philstar.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 comments.modern.js Show response
cdn.vuukle.com/widgets/ Frame 8686 718 KB
189 KB 58ms
49ms Script
application/javascript 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/widgets/comments.modern.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/widgets/index.html?amp=false&apiKey=75f932c6-b01d-490e-bae9-2a145b13e07d&host=philstar.com&articleId=2095356&globalLang=en&img=https%3A%2F%2Fmedia.philstar.com%2Fphotos%2F2021%2F05%2F02%2Fjose-calida-solicitor-general2018-05-1518-46-41_2021-05-02_16-12-32.jpg&lang=en&title=DOJ%3A%20Solgen%27s%20office%20looking%20into%20reported%20data%20breach&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744&emotesEnabled=true&d=false&l_d=false&totWideImg=false&link=https%3A%2F%2F%5Burl%5D&hideArticles=false&maxChars=3000&gr=false&hideCommentBox=false&hideCommentBoxWithButton=false&hideCommentsWidget=false&wpSync=false&isCustomText=false
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc3092c551df3236769b4a8b0a98769a776a66b573e28b4607731ba0c0f5ee6

Request headers

Origin: https://cdn.vuukle.com
Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 162564
cf-polished: origSize=735285
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce6638730000c2b8621d7000000001
last-modified: Wed, 28 Apr 2021 11:21:35 GMT
server: cloudflare
etag: W/"6089453f-b3835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=259200
cf-ray: 6490d96d8d0fc2b8-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 1582218480-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 29A6 111 KB
39 KB 8054ms
16ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1582218480-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bef1ba9be99379579241fd01dffc3927cc8151de55c1ac3d084ead11356cbb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 02:52:21 GMT
server: sffe
age: 489591
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39129
x-xss-protection: 0
expires: Tue, 26 Apr 2022 19:18:48 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 6752ms
112ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=132651171941927819016211392591125382700819871050226124708260677907&nc=0&tsf=0&tsfmi=&pv=0&cb=1619954312784&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDY3Nl0sWzEyLCJ7XCJlXCI6MCxcIndnbFwiOjF9Il0sWy0xLCItIl0sWy0yLCI0NCxY%0D%0ASHhnMWowekVsQVF3SjFRRWNrdnpvdmJjQUlaU0VFakFoSklRUUJ3Z2w5RjRDQkFnUVdnaWQwTEhC%0D%0AQmVPR2pidlgzcVl5TTYvK3Z6dlM3R29YR3doLytiTWxqYlR5YW83T1BmIl0sWy0zLCJbXSJdLFst%0D%0ANCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcImdhcGlcIixcIl9fX2pzbFwiLFwi%0D%0AJFwiLFwialF1ZXJ5XCIsXCJHb29nbGVBbmFseXRpY3NPYmplY3RcIixcImdhXCIsXCJfY29tc2Nv%0D%0AcmVcIixcImdvb2dsZXRhZ1wiLFwiQk9PTVJfbHN0YXJ0XCIsXCJmYnFcIixcIl9mYnFcIixcIl9p%0D%0AenFcIixcImNvbnRhaW5lclwiLFwiX2l6QWx0XCIsXCJfaXpcIixcIml6Q29uZmlnXCIsXCJzbWFy%0D%0AdGxvb2tcIixcInN0YXR1c0NoYW5nZUNhbGxiYWNrXCIsXCJjaGVja0xvZ2luU3RhdGVcIixcInRl%0D%0Ac3RBUElcIixcImZiX3NoYXJlXCIsXCJmYkFzeW5jSW5pdFwiLFwibW5cIixcInNwYXJ3clwiLFwi%0D%0Ac3BhcnRpXCIsXCJCT09NUlwiLFwiQk9PTVJfbXFcIixcIlZVVUtMRV9DT05GSUdcIixcImdnZWFj%0D%0AXCIsXCJnb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlXCIsXCJfaXpvb3RvXCIsXCJvc2FwaVwiLFwi%0D%0AZ2FwaXhcIixcImdhZGdldHNcIixcImlmcmFtZXJcIixcIl9fZ2FwaV9qc3RpbWluZ19fXCIsXCJz%0D%0AaGluZGlnXCIsXCJUb29sYmFyQXBpXCIsXCJpZnJhbWVzXCIsXCJJZnJhbWVCYXNlXCIsXCJJZnJh%0D%0AbWVcIixcIklmcmFtZVByb3h5XCIsXCJJZnJhbWVXaW5kb3dcIixcImdvb2dsZWFwaXNcIixcIk91%0D%0AdGJyYWluU2NyaXB0UmlnaHRTaWRlXCIsXCJzY3JpcHRUYWdSaWdodFNpZGVcIixcImRldGFjaF9v%0D%0AdXRicmFpbl93aWRnZXRcIixcImRldGFjaF9hcnRpY2xlX2xlYWRlcmJvYXJkXCIsXCJuZXdNYWlu%0D%0AXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiLSJdLFstMTAs%0D%0AIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJrZXl3b3Jkc1wiLFwiZGVzY3JpcHRpb25c%0D%0AIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwi%0D%0ALFwidHdpdHRlcjp0aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9c%0D%0AIjowLjAwNjUwNzU5MjE5MDg4OTM3MX0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0s%0D%0AWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0s%0D%0AWy0yMCwiNzA2Mzk3ODY2LjE2MTk5NTQzMDQiXSxbLTIxLCJHNVdzN1RpQSJdLFstMjIsIltcIm5c%0D%0AIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wi%0D%0AOjEwMDAwMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywi%0D%0AWzAsOS40LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwy%0D%0ALDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFst%0D%0AMzEsInRydWUiXSxbLTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTYxOTk1NDMx%0D%0AMTc4NSwtMl0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0iXSxbLTM4LCJpLC0x%0D%0ALC0xLDQxNCwwLDYwLDAsMzAsNDgwLDQ5OSwzODg0LDAsMjUzNS43MSw0NzExLjkwNSwxMzY4Mywx%0D%0AMzY4NCJdLFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96%0D%0AaWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwi%0D%0ALSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDEwMDAwMTAwMDAwMDAwMDAxMTEwMTEwMCJd%0D%0ALFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsMCwwLDAsMCwwLDc2MiwwLDY0OCwwLDAsMCwwLDAs%0D%0AMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVy%0D%0Ab3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJi%0D%0AbmNoIiwxMzk1XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A309%2C%22y%22%3A4374%2C%22w%22%3A638%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=oB5rM4uhSv&sdd=%7B%7D&pto=14685
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8e6dc8944ee7cb345da2d44ebe60eceb0b1df7a17b4907763cd746703bb0a692

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:39 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 1608
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 39ms
32ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:32 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1613570903.586246"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Tue, 01 Jun 2021 11:18:32 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 39ms
21ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:32 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 01 Jun 2021 11:18:32 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 6634ms
118ms Fetch
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=bc30c015ba80c98a3402ed5ceb7ca16e_3357_1619954308519&tm=9117&eT=0&widgetWidth=638&widgetHeight=893&widgetX=309&widgetY=4375&tpcs=3&wRV=2000324&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 May 2021 11:18:39 GMT
content-encoding: gzip
X-TraceId: baccc66395a40577e3fbdc5932fd0ee2
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame E427 16 KB
6 KB 54ms
22ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73298c8f5a6114815ba00b891f7f36b6030d6817c12c7c160c039b277ea725b6

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
content-type: text/html
etag: "afdd3785c80ed9c7965597d8e9141a6b:1617802737.514459"
last-modified: Wed, 07 Apr 2021 13:38:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Mon, 03 May 2021 11:18:37 GMT
date: Sun, 02 May 2021 11:18:37 GMT
content-length: 5464
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619954317~rv=71~id=b6c9287c3d54851218961e46afb5ba55; path=/; Expires=Sun, 02 May 2021 11:18:37 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000324/module/ 50 KB
16 KB 121ms
22ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000324/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f5071efb00dd6c32bf9836ddd9907e7d1c44b388f0f3e79ae44027aa435d152a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:33 GMT
content-encoding: gzip
last-modified: Sun, 02 May 2021 10:54:42 GMT
server: AkamaiNetStorage
etag: "af21afef7487b5230875581b1889cc89:1619954082.979172"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 16439

GET
H2 200 get Show response
odb.outbrain.com/utils/ 27 KB
10 KB 351ms
287ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&idx=1&rand=42967&key=NANOWDGT01&widgetJSId=AR_6&va=true&et=true&format=html&pdobuid=-1&t=YmMzMGMwMTViYTgwYzk4YTM0MDJlZDVjZWI3Y2ExNmU=&adblck=false&abwl=false&clss=SERVER326FUIDz0q9CR49icSq2lxbChbmiiUV0GhrfZgOmulF8HO%252BC9ZL9vpjlaHYiYfak20ne81ogOj&px=987&py=3264&vpd=2064&cw=299&settings=true&recs=true&version=2000324&sig=G5Ws7TiA&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b99e85c3d43883c595937ca860722d6dcbaa166658dbf1687bf5cdd60f1c55fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:33 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.74
x-cache-hits: 0, 0
x-traceid: 7043efe5726a37f028ec71d7d257cbbc
content-encoding: gzip
content-length: 10103
x-served-by: cache-mdw17374-MDW, cache-fra19151-FRA
x-timer: S1619954313.146802,VS0,VE264
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 64 KB
64 KB 6371ms
59ms Image
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:39 GMT
cache-control: max-age=2358443
last-modified: Wed, 10 Mar 2021 13:54:35 GMT
x-traceid: a9f1da9ed6ed2f98c32391fe2e271520
timing-allow-origin: *
content-length: 79499
content-type: video/mp4

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/ 77 KB
18 KB 6125ms
22ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9049d913dc2472c356da1b009158175829f49639001166d2ac7efc6666372c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:39 GMT
Content-Encoding: gzip
Age: 3001
X-Cache: HIT
Connection: keep-alive
Content-Length: 18033
x-amz-id-2: y6w/KyeAaXy8StW301x8LN9mTFBunuCntHDjfLb0vZodL88xHWm3TqyKFugLTiHSmq9439OGjnY=
X-Served-By: cache-fra19147-FRA
Last-Modified: Sun, 02 May 2021 10:28:16 GMT
Server: AmazonS3
X-Timer: S1619954319.437664,VS0,VE0
ETag: "cdc947b4ac5159b33848e2a58db6bc71"
x-amz-request-id: 7HAJM80X5F3630JE
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 10

GET
H2 206 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 78 KB
78 KB 5984ms
26ms Media
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d1a6350a8f7999c8bd20941fe027ff76402ae6087c1123c7e39d0ad7fe581b5

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 02 May 2021 11:18:39 GMT
last-modified: Wed, 10 Mar 2021 13:54:35 GMT
content-type: video/mp4
Content-Range: bytes 0-79498/79499
cache-control: max-age=2358443
x-traceid: a9f1da9ed6ed2f98c32391fe2e271520
timing-allow-origin: *
Content-Length: 79499

GET
H2 206 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 64 KB
0 6007ms
60ms Media
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 02 May 2021 11:18:39 GMT
last-modified: Wed, 10 Mar 2021 13:54:35 GMT
content-type: video/mp4
Content-Range: bytes 0-79498/79499
cache-control: max-age=2358443
x-traceid: a9f1da9ed6ed2f98c32391fe2e271520
timing-allow-origin: *
Content-Length: 79499

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 665A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

18ms
17ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 May 2021 11:18:33 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 15568870889694092240
tpc.googlesyndication.com/daca_images/simgad/ Frame 665A 130 KB
130 KB 15ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15568870889694092240

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1533bdcee401a95b88bb993db9eb843f5bfbf205e0c849216a7cf21a763713a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 03:07:50 GMT
x-content-type-options: nosniff
age: 288643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132819
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 19:25:12 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 03:07:50 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 665A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26357
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 665A 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22476
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 03 May 2021 05:03:57 GMT

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
953 B 5826ms
27ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1f797f01bafac3ef83b87c9614a40be2a78e3150e691b1ca157dccc5cf9c0d3

Request headers

Accept: */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 02 May 2021 11:18:39 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 324

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 289 B
424 B 18ms
12ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/jquery.dfp.min.js?ver=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E98) / ASP.NET
Resource Hash: 823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:33 GMT
content-encoding: gzip
etag: "05f7098b43cd71:0"
last-modified: Thu, 29 Apr 2021 05:00:38 GMT
server: ECAcc (frc/8E98)
age: 279055
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 327

GET
H2 200 css
fonts.googleapis.com/ 2 KB
645 B 375ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 May 2021 10:14:54 GMT
server: ESF
date: Sun, 02 May 2021 11:18:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H2 200 icon
fonts.googleapis.com/ 568 B
444 B 378ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 May 2021 11:18:34 GMT
server: ESF
date: Sun, 02 May 2021 11:18:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 May 2021 11:18:34 GMT

GET
H2 200 masonry.pkgd.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 25 KB
10 KB 73ms
18ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDC) / ASP.NET
Resource Hash: b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:33 GMT
content-encoding: gzip
etag: "048c04943ad71:0"
last-modified: Mon, 26 Apr 2021 12:02:24 GMT
server: ECAcc (frc/8FDC)
age: 513909
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 10202

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 72ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 3507395
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce6641f700001f2da1125000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a9f1136dc57a7605179530d5ffb85493
cf-ray: 6490d97cbd6a1f2d-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 86 KB
26 KB 82ms
30ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 840409
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25572
cf-request-id: 09ce6641f70000c2c7c1b4d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-156f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iJrQFa7oUw64oiZQ8DCTVDKVOCCrbnPYXVrKbQLCI8Hb%2B7u0CvafEGJk7lxxb3b2XfXM%2Br6clhyogeBcOk4SA1%2BOI86fmEKzugA8Xl3SbCgdISfoVIldHEVzKySJ3ef17A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6490d97cbd6ec2c7-FRA
expires: Fri, 22 Apr 2022 11:18:33 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1612
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

52ms
51ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 May 2021 11:18:33 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 15815992080929626402
tpc.googlesyndication.com/simgad/ Frame 1612 103 KB
103 KB 34ms
26ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15815992080929626402?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmBCJbYo1CWf4qgvSoaLRIHGxLFUQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bf71e8784085e97670dcd2b61ba4e1a1ee30495be5259614823dda1181a6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:57:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 11:22:08 GMT
server: sffe
age: 242471
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105054
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:57:22 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1612 2 KB
2 KB 29ms
25ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26357
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1612 295 B
319 B 29ms
25ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22476
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 03 May 2021 05:03:57 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D650
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

206ms
205ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 May 2021 11:18:33 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D650 2 KB
2 KB 28ms
10ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26357
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D650 295 B
319 B 27ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22476
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 03 May 2021 05:03:57 GMT

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
953 B 4550ms
29ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1f797f01bafac3ef83b87c9614a40be2a78e3150e691b1ca157dccc5cf9c0d3

Request headers

Accept: */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 02 May 2021 11:18:38 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 324

GET
H2 200 zd_top.searches.css
60a6ae725fca.bitsngo.net/Content/3.0/widget-css/ 16 KB
3 KB 10ms
9ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0D) / ASP.NET
Resource Hash: 176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
etag: "0323f97b43cd71:0"
last-modified: Thu, 29 Apr 2021 05:00:36 GMT
server: ECAcc (frc/8F0D)
age: 279056
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 2799

GET
H2 200 zd_top.searches.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 17 KB
7 KB 17ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F69) / ASP.NET
Resource Hash: 1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:34 GMT
content-encoding: gzip
etag: "0695620b53cd71:0"
last-modified: Thu, 29 Apr 2021 05:04:26 GMT
server: ECAcc (frc/8F69)
age: 279056
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6909

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame D650 16 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.philstar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 403390
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 27 Apr 2022 19:15:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame D650 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.philstar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 482595
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 26 Apr 2022 21:15:20 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D3F5 0
0 75ms
74ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDYxY2FpbiIiH4DZ0GiuIIE2E23FS7fg8iHJkXUmHuHz7zkR8rKMrKUrgAKFU3Qv9bxhO4fXH9_gilWMvWDkSZLyMrg-d78qYP18_kLTo_5cmOgEs2yQhctMjI5E62QhnK6L7XO57jahD51Fy_UeACQHpDpaCGeINLPdHZSHthoVFZPuW2u-uMmHvZci4DwGHl6gO2C_JJwPvEVVqcPKHj0TXdN7U1g3TwdD0srmBpEC0NDmZv6bipfWCJElxjt67ssaUUyuzKq0FkkEJz3J-1OpHdraZ4N5fmic6T_ZetzBm8E3QPw2w4Rgn2tJE&sig=Cg0ArKJSzMj1ni4BM4cmEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:35 GMT

GET
DATA 200
OK truncated
/ Frame D3F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d63c5da5d885fafa78591047230f77d2db177434b30fd3256a39db578ce22560

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BCDF 0
0 63ms
63ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssC0fkpb4dWE0HOwJlxDHQUt6CbaobEjgIySMDrNfywDLASOUWZ0b87TmlOcVLKaglmPn_2RWXjXv6hlXLX8Mdj_hiFNMzXLinVrqCOTC7-4wsOew8JcxRpXqGXNyJjbj_Q6R98e7zM8Xl6TIe6NoWnqcmdQvCe8isVTz5vOeyKPlHP1bR-61RhzFybmleULuvkMuC6z7RIxstE35iRF8cYhgON1Q89gR4jKZSLLZE1vticCeMu0hqL0asMs6Xan9FDO2qG1Ou4JRYOqdOJD9zeIz3OptMB5T73z9lQvi1o7Y5YR27fnESR6ACkX-_&sig=Cg0ArKJSzGcnCD26wYb9EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:35 GMT

GET
DATA 200
OK truncated
/ Frame BCDF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 542bff3179d45d1dc3c09df95b9d57e7777c3bd2ac2d9b46387fcd8a30d60d38

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8B85 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6165d6273910b8bc7c8f600c0b2b62eefb1b39e21c9982ebf9274e6e48e587e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B85 0
0 67ms
64ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3EcVtQbZp7A5EH9QanhqU-Ewdcf6zJZJRuyViZXsPEnLnbm7kagZ2WSiKk9IKKolNk8BmuoudgNNunndDxpaS47c_DVNoW0kQVruJhpNn26gEUTKXa0E7Gv5mM0XUOc3BMKFbAC9iAcZFEUmIVGQg3VGuZwNJBAx2TnxLIo1Ua6GXwFydlrC5yaa2Ub6gdzprDpY9eCnkpwweE-wBtcHEJXnbgPFggOoaPy2KKJXMgTdq47bSKF9DPftilxxhIpNhL7QRcjLlu4oiphdkbA2md1xSGnjdyGe80ZHLZlbEqgjuwCFdFoWDtvzIAHukJHcljcDlmk1vQrjwgnc&sig=Cg0ArKJSzI_oqMyDMmWpEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:35 GMT

GET
DATA 200
OK truncated
/ Frame A64B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6428652822593a327bf682d70ef1630f14387208987ed024e7a0edfd22e4ada5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0A23 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e454baa9db613ae0e90d52790476a1775d693c347ae72632930ead3d5eac567

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EA81 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afae47011544db565deb96428c7a9bf3f7b783a75791382379d009371475a576

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 665A 42 B
501 B 69ms
47ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIhwbEO28SVbQ8rokw-AnpbcA1D_qWfChjBNFlrk4X0paozmXDFk2PFV6Zq86kh57AZ70HHdU2lIJUxY3XkjSVf9afClLuOX9hzDV0Z6VhnBJHD1FYAWRaPo3jMq22bgyhq3WnY80Yd5WHWmkbVN_c&sai=AMfl-YRXEwXcnEpoT85kwoao5e4qwSso08pq2iYakQjkgtMUyxlAGTB4M-onKD7xZDqLuBCRTKj2jMYf_veuY3x2LVt5HZslAzPlsFSMVh-aG8wfy0jZWe7nVTEB4Lo&sig=Cg0ArKJSzKbvD2zNXTBPEAE&cid=CAASF-RoDgvKJcoPROHA1W9e2jtQ9QoAANix&id=ampim&o=315,117&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1310&mtos=0,0,0,1310,1310&tos=0,0,0,1310,0&tfs=1766&tls=3076&g=100&h=100&tt=3076&r=v&avms=ampa&adk=1363492021

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1612 42 B
108 B 50ms
46ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQuYYKYtG4aeRD66QmIzF3QtT3Sp2SkwxBsV0rWbav1Gu7PCK6vR8QzOlPNyRwOkSgjMroypwJT2G9dO4hZ2fPm5ivCs6P139BeSlQRCmInf-mA7Cq5wCGoHp2bg&sai=AMfl-YRJ4Gz5S6SAcL6NHGV4XIE8gJSePRIE4KkIJozMb9Wd1Y38Sv7JfEfWK22TYK5GUCE9qTzFY3Ygnbkdvm-AzuqRqzu6CYLXC37J65ukR6U3TP_wH7wPrrj-jCQ&sig=Cg0ArKJSzP2moZA13IbeEAE&cid=CAASF-Rocasn3cDf42hHPEjvr6Zqj1VGAFwK&id=ampim&o=987,382&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1253&mtos=0,0,1253,1253,1253&tos=0,0,1253,0,0&tfs=1699&tls=2952&g=100&h=100&tt=2952&r=v&avms=ampa&adk=1770137171

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.philstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCDF 42 B
64 B 56ms
52ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4xSvTWafQ82qMiy82vhY5dGoOTWR6LzlkVTbp_QIxT47t47PiM77yW2reg1UaJeB8jla65vmrqGZBl10Y20nJhzTNWdj7gYQ-yaIOP1c&sig=Cg0ArKJSzKxOr-ur23DsEAE&id=lidar2&mcvt=1009&p=100,1325,1180,1770&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=0.62&app=0&itpl=3&adk=868786206&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619954310160&dlt=0&rpt=6021&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D3F5 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzADteRMm0TZIwsdOXmAhAkBGI0bCuzOv576EhslrAdnDyEmPz_UsfgW6y6MBpVQ0hZMqXrtjKf9H3iJZ_7jtlauJUvA3XpFlkqBEvm08&sig=Cg0ArKJSzCLahOH0hrI-EAE&id=lidar2&mcvt=1012&p=0,0,1080,445&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=0.62&app=0&itpl=3&adk=3851023446&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619954310158&dlt=0&rpt=5961&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
311 B 164ms
113ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=OF0TWT%2B3drLpn7HF4sYz672U8afh7FLekTo7kxpPEag%3D&se=1619955976&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: pageView
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "73376741"

Response headers

Access-Control-Allow-Origin: https://www.philstar.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 02 May 2021 11:18:40 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
311 B 114ms
111ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=OF0TWT%2B3drLpn7HF4sYz672U8afh7FLekTo7kxpPEag%3D&se=1619955976&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: AdBlockDetected
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "73376741"

Response headers

Access-Control-Allow-Origin: https://www.philstar.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 02 May 2021 11:18:41 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ Frame EA81 25 KB
9 KB 746ms
0ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: play.vidcrunch.com
URL: https://play.vidcrunch.com/5b59760c073ef46a2e6b8f13/5d970b5328a06104341b4d17/Philstar.com_Desktop_IBV_336x280_DFP_Rev70_0410_18.Js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 802623eab5c9680f74e2fd71b8e79d6b28ba24a5b48c6f00fd556bb82b147eea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UycRjZ5cYMA3zVYXrE2gmeMp3u7ML_X1RI8JCQBtVjzV2S1Rl0B0wK9iA4pHb9sBMOugTbU3KjDs3T0AYk53rl5SBOBnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9068
last-modified: Sun, 02 May 2021 06:47:51 GMT
server: UploadServer
etag: "4f0de72c32c1bf6ab521a1e76e6605a2"
vary: Accept-Encoding
x-goog-hash: crc32c=34A3wA==, md5=Tw3nLDLBv2q1IaHnbmYFog==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1619938070960563
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9068
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 02 May 2021 11:23:41 GMT

GET
H2 200 track
track1.aniview.com/ Frame EA81 0
71 B 896ms
115ms Image
text/plain 54.89.48.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5d0a162d28a06106f038a1c1&cid=5d9708a028a061666e462fd1&e=playerLoaded&cb=1619954320256
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 1208ms
107ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.philstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.philstar.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 02 May 2021 11:18:40 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 1193ms
130ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.philstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.philstar.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 02 May 2021 11:18:40 GMT

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2000324/module/ 1 KB
1 KB 195ms
0ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000324/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3b76f777e5dfd5ac951576a64ce912afeb823e74d6c45b13a0afaf8e131a2f4e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
content-encoding: gzip
last-modified: Sun, 02 May 2021 10:54:42 GMT
server: AkamaiNetStorage
etag: "e1416939addce1f287c79f0da8c15a8f:1619954062.452214"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 613

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 46 KB
13 KB 684ms
492ms Script
application/json 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744&settings=true&recs=true&widgetJSId=GS_1&key=NANOWDGT01&version=2000324&apv=true&sig=G5Ws7TiA&format=html&rand=66351&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YmMzMGMwMTViYTgwYzk4YTM0MDJlZDVjZWI3Y2ExNmU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=2&lastCardIdx=0&fAB=11387-0&layeredTestInfo=11387-0-&clss=SERVER326FUIDz0q9CR49icSq2lxbChbmiiUV0GhrfZgOmulF8HO%252BC9ZL9vpjlaHYiYfak20ne81ogOj&pcer=p%3D6zGrg2kbXFVEF0sQGnLRt7wpgb6fg1BvTDFIiygDzJ4%26c%3Da5aaa317%26v%3D3&dpr=1&cw=638&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000324/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 940e9209cde776376f723f39648f9f49bba212b19b587fc5f1a17190b0695c41

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.39
x-cache-hits: 0, 0
x-traceid: 5a58574da209aed8c9981cdc13b0c9c9
content-encoding: gzip
content-length: 13252
x-served-by: cache-mdw17339-MDW, cache-fra19151-FRA
x-timer: S1619954321.294629,VS0,VE487
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 72ms
28ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Tue, 01 Jun 2021 11:18:41 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 526ms
134ms Fetch
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=ad7e687a693ee76e50d3618daf5a3734_3357_1619954313347&tm=17795&eT=0&widgetWidth=299&widgetHeight=481&widgetX=987&widgetY=3264&wRV=2000324&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 May 2021 11:18:42 GMT
content-encoding: gzip
X-TraceId: c426b745507312633346a91667555b1f
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 174ms
143ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744&idx=2&rand=5286&key=NANOWDGT01&widgetJSId=MB_1&va=true&et=true&format=html&pdobuid=-1&t=YmMzMGMwMTViYTgwYzk4YTM0MDJlZDVjZWI3Y2ExNmU=&adblck=false&abwl=false&clss=SERVER326FUIDz0q9CR49icSq2lxbChbmiiUV0GhrfZgOmulF8HO%252BC9ZL9vpjlaHYiYfak20ne81ogOj&px=160&py=1200&vpd=0&settings=true&recs=true&version=2000324&sig=G5Ws7TiA&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 582b376227b1bd7dc7afd939df860262610afaad0749abab2ca34038f185bf45

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.59
x-cache-hits: 0, 0
x-traceid: 5dc25eb96cf71d1000afb9825b039b00
content-encoding: gzip
content-length: 966
x-served-by: cache-mdw17359-MDW, cache-fra19151-FRA
x-timer: S1619954322.735275,VS0,VE123
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjoyLCJmIjo1fQ.mp4
images.outbrainimg.com/transform/v3/ 22 KB
22 KB 58ms
28ms Image
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjoyLCJmIjo1fQ.mp4
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
cache-control: max-age=2286065
last-modified: Tue, 23 Feb 2021 19:47:11 GMT
x-traceid: 16ab53ece480da8b618c6747a8913db2
timing-allow-origin: *
content-length: 22958
content-type: video/mp4

GET
H2 200 eyJpdSI6Ijg4YzliMTE3ZWQ5M2I5NjQ0ZDFmMzdkMzllOWJmNmNhZmZkYmVjYzk1NDRkMDA3NzkxYTQ2Y2FhMjc3ODFlMTciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 2 KB
2 KB 27ms
21ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4YzliMTE3ZWQ5M2I5NjQ0ZDFmMzdkMzllOWJmNmNhZmZkYmVjYzk1NDRkMDA3NzkxYTQ2Y2FhMjc3ODFlMTciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 985dc002fdee7369ccf9bb303fc13fe4a26bdafa9a27d3489c033eaee9b517e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
cache-control: max-age=2210149
last-modified: Fri, 16 Apr 2021 06:52:28 GMT
x-traceid: c37455e612873a9c012d72e5e153f0ed
timing-allow-origin: *
content-length: 2108
content-type: image/webp

GET
H2 200 eyJpdSI6ImZlNjc3YWE3ZDRmYmJjZGEzNWFjYjQ0ZDE1MzE4ZDBiMGYzODNjYjY5MTI0ZTFmZWEyNTMxZWYyYTQwYzQ1NTciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
9 KB 128ms
127ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZlNjc3YWE3ZDRmYmJjZGEzNWFjYjQ0ZDE1MzE4ZDBiMGYzODNjYjY5MTI0ZTFmZWEyNTMxZWYyYTQwYzQ1NTciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bccef62724140ac10f1bd9972154286998b0befbfe26112f2a7b780234fa4f29

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
cache-control: max-age=2462400
last-modified: Tue, 13 Apr 2021 18:20:17 GMT
x-traceid: e735cf9950031eeb6e0eec0ead5369c7
timing-allow-origin: *
content-length: 8616
content-type: image/webp

GET
H2 200 eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 26ms
25ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53ddfd5cf1030496c969ff1ae2403f395effaf0bd05c9c46135dca6725408523

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
cache-control: max-age=2308039
last-modified: Mon, 05 Apr 2021 16:55:20 GMT
x-traceid: 8cd1cd6a5a442b90e6df7795019c9602
timing-allow-origin: *
content-length: 8194
content-type: image/webp

GET
H2 200 zoomd.widget.externalcontent.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 15 KB
5 KB 9ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E8F) / ASP.NET
Resource Hash: 34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:41 GMT
content-encoding: gzip
etag: "0968721b53cd71:0+gzip"
last-modified: Thu, 29 Apr 2021 05:04:28 GMT
server: ECAcc (frc/8E8F)
age: 279063
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
content-length: 5185

GET
H2 200 runtime.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 3 KB
2 KB 182ms
0ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1B) / ASP.NET
Resource Hash: 6b8265b5511d8b5505f4855257a67348676f542422026245e83e5cca67f291b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:42 GMT
content-encoding: gzip
etag: "03dd7e3b53cd71:0"
last-modified: Thu, 29 Apr 2021 05:09:54 GMT
server: ECAcc (frc/8F1B)
age: 279064
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1988

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 606 KB
132 KB 821ms
10ms Script
text/javascript 2a02:26f0:6c00:191::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/31589/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1fed12443af85bad1688918cf55e0acd5205d90f1f47acdc4687958d6c7e0d2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:43 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: XV2JC18SFDXW9Y54
content-length: 134883
x-amz-id-2: mNrJReqMADgfbGzxCC4p4MOsOMSYhTF3PoUwglCSJ4FA7mTQud67728zn163fvO2wnclJAElcIg=
last-modified: Fri, 30 Apr 2021 15:13:36 GMT
etag: "a24f6fcb5700a78d19fa039d703b21bb"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 8
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 02 May 2021 11:48:43 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202104291546/ 86 KB
29 KB 794ms
26ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eb572bc6895eb21783b802485b91b4f98ea649b18905a22e38f8524240a99e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 11:18:43 GMT
Content-Encoding: gzip
Age: 761
X-Cache: HIT
Connection: keep-alive
Content-Length: 28804
x-amz-id-2: DXe+gcaVhZ84tj94BoYNBSG6Hyf9x82TKF/sB+ap5tFLLdSHAvdfQN6OqN2kpZi4LeuUp0XuFY4=
X-Served-By: cache-fra19145-FRA
Last-Modified: Thu, 29 Apr 2021 19:47:46 GMT
Server: AmazonS3
X-Timer: S1619954323.453762,VS0,VE0
ETag: "d69f6e8db133ce03b70c6166c7052b7f"
x-amz-request-id: S20J5J4MN0SPAW0T
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 719

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 21ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 252ms
252ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1031249435209966&correlator=2352716153739453&output=ldjh&impl=fifs&eid=31060923%2C31060939&vrg=2021042801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210502&iu_parts=213794966%2Cvuukle-widget%2Cphilstar.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C88x31%7C120x30%7C120x60%7C120x90%7C160x60%7C250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C320x50%7C320x250%7C320x320%7C320x100%7C335x250%7C336x280%7C360x360%7C360x250%7C364x303%7C364x373%7C366x375%7C366x359%7C372x250%7C374x250%7C375x375%7C387x359%7C400x300%7C400x250%7C414x414%7C468x60%7C480x300&prev_scp=refreshIteration%3D0&eri=4&cust_params=url%3Dhttps%253A%252F%252Fwww.philstar.com%252Fheadlines%252F2021%252F05%252F02%252F2095356%252Fdoj-solgens-office-looking-reported-data-breach%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26words%3Dheadlines%252C2021%252C05%252C02%252C2095356%252Cdoj-solgens-office-looking-reported-data-breach%26CMP_accepted%3D0%26api_key%3D75f932c6-b01d-490e-bae9-2a145b13e07d&cookie_enabled=1&bc=31&abxe=1&dt=1619954322744&dlt=1619954299521&idt=6233&frm=20&biw=1600&bih=1200&oid=3&adxs=628&adys=5372&adks=1752444679&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=638x330&msz=638x1&ga_vid=706397866.1619954304&ga_sid=1619954306&ga_hid=516027297&ga_fc=false&fws=4&ohw=638&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

807edcbf2a090806add3c0df7d5bbfec44b1c6ede1f8d0c307cd8cb91ab56291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4658
x-xss-protection: 0
google-lineitem-id: 5653857814
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344835970
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
5 KB 436ms
435ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1031249435209966&correlator=2352716153739453&output=ldjh&impl=fifs&eid=31060923%2C31060939&vrg=2021042801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210502&iu_parts=213794966%2Cvuukle-widget%2Cphilstar.com-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C88x31%7C120x30%7C120x60%7C120x90%7C160x60%7C250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C320x50%7C320x250%7C320x320%7C320x100%7C335x250%7C336x280%7C360x360%7C360x250%7C364x303%7C364x373%7C366x375%7C366x359%7C372x250%7C374x250%7C375x375%7C387x359%7C400x300%7C400x250%7C414x414%7C468x60%7C480x300&prev_scp=refreshIteration%3D0&eri=4&cust_params=url%3Dhttps%253A%252F%252Fwww.philstar.com%252Fheadlines%252F2021%252F05%252F02%252F2095356%252Fdoj-solgens-office-looking-reported-data-breach%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26words%3Dheadlines%252C2021%252C05%252C02%252C2095356%252Cdoj-solgens-office-looking-reported-data-breach%26CMP_accepted%3D0%26api_key%3D75f932c6-b01d-490e-bae9-2a145b13e07d&cookie_enabled=1&bc=31&abxe=1&dt=1619954322759&dlt=1619954299521&idt=6233&frm=20&biw=1600&bih=1200&oid=3&adxs=628&adys=5702&adks=2057847925&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=638x330&msz=638x1&ga_vid=706397866.1619954304&ga_sid=1619954306&ga_hid=516027297&ga_fc=false&fws=4&ohw=638&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

c2dee571d42dc4c09dc0478f253e1d9654411c77566df33e9e9ff0a5940033dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4601
x-xss-protection: 0
google-lineitem-id: 5680545759
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348150806
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D5FF 61 KB
21 KB 49ms
49ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adsuite.adsparc.net
URL: https://adsuite.adsparc.net/includes/ads/ftags.php?pubId=23&tagId=341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

2c50dbf44e2e4f5ab55fc065d56caac9e82e06682fbff7409b9b13c63ef7d606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "859 / 595 of 1000 / last-modified: 1619820675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21209
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:42 GMT

GET
H2 200 sa-script.js Show response
cdn.bidder.dev/clients/98948493/philstar_com_footad/ Frame D5FF 119 KB
119 KB 656ms
15ms Script
text/javascript 34.96.69.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidder.dev/clients/98948493/philstar_com_footad/sa-script.js
Requested by: Host: adsuite.adsparc.net
URL: https://adsuite.adsparc.net/includes/ads/ftags.php?pubId=23&tagId=341
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.69.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: aac4064e4ab99c5b90ac9bacf374212bf4e10ff1b43334652def715f2eada7ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:36:30 GMT
via: 1.1 google
age: 2533
etag: CIq/muqHjfACEAE=
content-type: text/javascript
cache-control: public,max-age=3600
alt-svc: clear
content-length: 121390

GET
H2 200 adsparc-icon_20x20_white_transparent.png
adsuite.adsparc.net/images/ 1 KB
1 KB 125ms
124ms Image
image/png 3.208.237.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsuite.adsparc.net/images/adsparc-icon_20x20_white_transparent.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.237.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-237-232.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4e8d62dee31922c08c5d935130b39116bcd161e5d1da18c34e04252a67913c4a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:42 GMT
last-modified: Wed, 03 Feb 2021 15:25:35 GMT
server: Apache/2.4.18 (Ubuntu)
accept-ranges: bytes
etag: "4be-5ba7032cea33f"
content-length: 1214
content-type: image/png

GET
H2 200 x_20x20_transparent.png
adsuite.adsparc.net/images/ 1 KB
1 KB 123ms
123ms Image
image/png 3.208.237.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsuite.adsparc.net/images/x_20x20_transparent.png
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.237.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-237-232.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5df8cc499cebf3b8613c5dc408457fad0da80753b18936bdb3174b6bffe0b67b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:42 GMT
last-modified: Wed, 03 Feb 2021 15:25:35 GMT
server: Apache/2.4.18 (Ubuntu)
accept-ranges: bytes
etag: "474-5ba7032cea33f"
content-length: 1140
content-type: image/png

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 842ms
106ms XHR
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1619954322824&sessionId=32d6e1af-d252-e3e3-f175-03156fd02640&url=www.philstar.com&cheqSource=1&cheqEvent=2&responseTime=17231
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 11:18:43 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e13f5e9f497537d873a1e5a6bff5d563
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
158 B 108ms
107ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136be7ce30ee448b949225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d27795d2e0a58ce6e4117cf22ce0b9af285161b9873194e742e740450486095a80d4c38681eb923bce6a88deee8878bc2e7d34d1787bc595964d7084e977fb5be7c74b9720ae28421b539e62ff439cd0be71f8df78d209f2c3ced16c8048526eed12155e710474c0af65ba4ed8cb9669f5cc35aedd7e8dcfbbae30dfe2bc083729dca45849d3f818570cf1ebee25b965ccbc05bcb533ee23ff6acc0d830995fd7c985863b1fa8f326e7b311e78490946f9b99e70c056e257444235eaf61a8edb4752ecb2dca6ae2e9effee9785e4acf14e533ffb4e9ab55b689f5e631bd17f5e706fea66a97619def6c7638b7cca238baf30d0bb0b996712272000110f8e93f6d12e0f20880457c7c1d3baacd816548cbab961848c26399e87504f36bccf9d0f7fe0358f1bdd5fb62389519bda19f8f7&cb=1619954322823&cri=oB5rM4uhSv
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:42 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjoyLCJmIjo1fQ.mp4
images.outbrainimg.com/transform/v3/ 22 KB
23 KB 21ms
20ms Media
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjoyLCJmIjo1fQ.mp4
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44fa7ef50d1ae2feeeead6b13dfd2a15b9c479b392fb0f1514a15d9a39d95680

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 02 May 2021 11:18:42 GMT
last-modified: Tue, 23 Feb 2021 19:47:11 GMT
content-type: video/mp4
Content-Range: bytes 0-22957/22958
cache-control: max-age=2286064
x-traceid: 16ab53ece480da8b618c6747a8913db2
timing-allow-origin: *
Content-Length: 22958

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 29A6 14 B
172 B 18ms
17ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.philstar.com&client_id=901299274787-uhltbpsq076q893g1pbfe765frnelm5j.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1582218480-idpiframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Sun, 02 May 2021 11:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 02 May 2021 12:18:43 GMT

OPTIONS
H2 204 loadVuukle
api.vuukle.com/api/v1/Comments/ Frame 0
0 338ms
198ms Preflight 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vuukle.com/api/v1/Comments/loadVuukle?apiKey=75f932c6-b01d-490e-bae9-2a145b13e07d&articleId=2095356&globalRecommendation=false&host=philstar.com&start=0&uri=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744
Protocol: H2
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn.vuukle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 02 May 2021 11:18:43 GMT
access-control-allow-credentials: true
x-varnish: 524213245
age: 0
via: 1.1 varnish (Varnish/6.2)
access-control-allow-origin: https://cdn.vuukle.com
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-credentiails: true
cf-cache-status: DYNAMIC
cf-request-id: 09ce6668e7000005ccc08b0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6490d9bb0a4e05cc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 loadVuukle Show response
api.vuukle.com/api/v1/Comments/ Frame 8686 11 KB
3 KB 188ms
182ms XHR
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vuukle.com/api/v1/Comments/loadVuukle?apiKey=75f932c6-b01d-490e-bae9-2a145b13e07d&articleId=2095356&globalRecommendation=false&host=philstar.com&start=0&uri=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26_hsmi%3D88974744

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/widgets/comments.modern.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe8476e8ed0a702924f9f9261bab5717dafd188ef8268789afb2d8ec6b734ac

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 May 2021 11:18:44 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
age: 0
access-control-allow-credentiails: true
content-type: application/json; charset=utf-8
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce6669b7000007461a3ba000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish: 525538915
access-control-allow-origin: https://cdn.vuukle.com
x-xss-protection: 1
cache-control: no-store,no-cache
access-control-allow-credentials: true
cf-ray: 6490d9bc5fb00746-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 bluebillywig_pbjs.js Show response
cdn.bluebillywig.com/scripts/prebid/ Frame 0A23 494 KB
155 KB 34ms
8ms Script
application/javascript 2600:9000:214f:6000:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/scripts/prebid/bluebillywig_pbjs.js
Requested by: Host: adsparc.bbvms.com
URL: https://adsparc.bbvms.com/p/philstar_com_instream/l/1588580435555250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8572bff3fc6c5d160fa45f66ae04461f0c932a3fa3c2a39d5234aaf3924f3d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:05:16 GMT
content-encoding: gzip
age: 1216
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 11:58:17 GMT
server: AmazonS3
etag: W/"50d30deabbbf7cb6754f71f0af47d89b"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST
content-type: application/javascript
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: NqeXTOIKGHfyQ7NXjEl4gkvotGBUNXl9tXUVROlcvrVNTm10gSOQdw==

GET
H2 200 philstar_com_instream.js Show response
adsparc.bbvms.com/b/ Frame 0A23 19 KB
6 KB 188ms
155ms Script
text/javascript 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsparc.bbvms.com/b/philstar_com_instream.js
Requested by: Host: adsparc.bbvms.com
URL: https://adsparc.bbvms.com/p/philstar_com_instream/l/1588580435555250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f4534fca22e53b1ec3346fbfec5df2adb2360ea9d9d299a6c4a4d077cb669850

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ovp-host: vms-prod-frontend-spot-10-1-19-247
date: Sun, 02 May 2021 11:18:44 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: AMS1-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: public,max-age=90
content-type: text/javascript;charset=UTF-8
content-length: 5950
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-id: VHkEEwGkYcAgal-PirEOmWLx8xT8AZJ9G5DXRF9GpIufwxUVmGUVTA==
expires: Sun, 02 May 2021 11:20:14 GMT

GET
H2 200 player.js Show response
cdn.bluebillywig.com/apps/player/20210428.082554/ Frame 0A23 929 KB
297 KB 26ms
8ms Script
application/javascript 2600:9000:214f:6000:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/apps/player/20210428.082554/player.js
Requested by: Host: adsparc.bbvms.com
URL: https://adsparc.bbvms.com/p/philstar_com_instream/l/1588580435555250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb1349ef3e6413f29bcace687484420ee0679fa9c5eb58d2b9da64120cc67d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:56:34 GMT
content-encoding: gzip
age: 1333
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 28 Apr 2021 08:26:28 GMT
server: AmazonS3
etag: W/"adae61d05c045cd6fedc2379f083df12"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST
content-type: application/javascript
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public,max-age=1209600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: zO2su79W_qE4FuQSkHG2j9s4Ax3u7h-QOSY7Qy86kTDV6t7JVIwjvg==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A64B 0
0 109ms
109ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuS0cohFMdBR8Fu4Uk1D97DKGBgqOqGntiM15gvSpyW2M8_lI31f40lN6KIYVyjumt7ce57_BCmeDoKDRlVs4BpYTJdctXI-1XmfNIDa_WxtBUxKeXqXZLAp6rdbp3Xzv_ykq-G1nzVxaZw7gFn9G4N4tWhBVZS-xxR2oTzDFYTvPZyGet3HUc8sE_D6wLjgTHbro-Jswis9IBH_UsQMY6jQb8kDn4-tE5aGwcMNPaqTbzxZaTzOqnF-Sctw9mV8Y0fwAg6817LqQ_OLe_NHQrbzDx2fSsqHjmCYNqMej7udKPcV71eSyEevxKEjN_udQ&sig=Cg0ArKJSzLcVJGAItu1dEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:44 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame E427 1 KB
2 KB 132ms
40ms Script
application/javascript 13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:58:57 GMT
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: VYv6Ix6cXny60zniR4CTgFPECueBjNJAh-zyEiQN46aalyo2PHOEnQ==

GET
H2 200 0ebd624e-e581-4346-9d46-c0c3c036e146
image.vuukle.com/ Frame 8686 4 KB
4 KB 44ms
21ms Image
image/jpeg 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/0ebd624e-e581-4346-9d46-c0c3c036e146
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b796cf6fbdc223d236f957ff02edc3f3e1551c010878d6c3ce35b314577b75a

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 3780
cf-polished: origSize=4006, status=webp_bigger
x-guploader-uploadid: ABg5-UwRj9puPMp_abfgBtLXoDlXm6AA-3zP2ZfsiyI4910vOOfmAAk2PFMGDvu-Ws5oLf8MhYVlTvaT31VXujTy4FdRoI3kfA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3714
cf-request-id: 09ce666eab000005dc5dba5000000001
last-modified: Sun, 02 May 2021 10:14:20 GMT
server: cloudflare
etag: "b0b14a0cc36f673d78536585c21a1dc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=VN4rCQ==, md5=sLFKDMNvZz14U2WFwhodxA==
x-goog-generation: 1619663509459435
content-type: image/jpeg
expires: Sun, 02 May 2021 11:15:45 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4006
accept-ranges: bytes
cf-ray: 6490d9c449be05dc-FRA
cf-bgj: imgq:100,h2pri

GET
H2 403 13173657_10208322319593422_7915642314961096449_n.jpg
scontent.xx.fbcdn.net/v/t1.0-1/p50x50/ Frame 8686 17 B
17 B 25ms
9ms Image
text/plain 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.0-1/p50x50/13173657_10208322319593422_7915642314961096449_n.jpg?oh=e02cfccb1c0470f787484d145755f084
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 9159e43e890a4ef44c1936b55f781bb043d0beaac3261dc526f0fc18358cacf9

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
x-fb-trip-id: 686109401
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 17

GET
H3-29 200 image-philstar.com-2094639
image.vuukle.com/ Frame 8686 7 KB
7 KB 56ms
25ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094639
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad36e95d9ec52d821de6e7d935301430625673e704a25a57e9244848103385af

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162565
cf-polished: origSize=7218, status=webp_bigger
x-guploader-uploadid: ABg5-UyvJLRh_0tbfTr2zG9leFZ8fQ8MR8cxqxkQhhdPwwjshAwa44Ga6TBJznla6I4ZB29gxa5T3jUmMgBv0d17thU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6820
cf-request-id: 09ce666f240000c2b82cbd2000000001
last-modified: Thu, 29 Apr 2021 04:59:25 GMT
server: cloudflare
etag: "7427ab65650d7a1218002aa38d713c67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ufffzA==, md5=dCerZWUNehIYACqjjXE8Zw==
x-goog-generation: 1619672365047884
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:09:20 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 7218
accept-ranges: bytes
cf-ray: 6490d9c50ea5c2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2094906
image.vuukle.com/ Frame 8686 8 KB
9 KB 89ms
62ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094906
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d35ade336ada76584f91f0d2ef91cd3ad6c2189d30af21ce1c1681bc638b44e

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162565
cf-polished: origSize=8521, status=webp_bigger
x-guploader-uploadid: ABg5-UxeRm0vBHAN-c8jCtYciYXgIwNmvGUDuzEZzFDI5zrbKhZa12k6qm0rG9Dwts48scN1mWDZxKq_MtZVYdImskI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7937
cf-request-id: 09ce666f240000c2b8710fa000000001
last-modified: Fri, 30 Apr 2021 07:52:23 GMT
server: cloudflare
etag: "7cd75de449e8857c788597fab47ea0de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=bgIGiQ==, md5=fNdd5EnohXx4hZf6tH6g3g==
x-goog-generation: 1619769143123212
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:09:20 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 8521
accept-ranges: bytes
cf-ray: 6490d9c50ea6c2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2094231
image.vuukle.com/ Frame 8686 2 KB
3 KB 66ms
41ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094231
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 623edc55aa74b16fe97b9124285f97b1a975661d82d42b5c7b8e77365b54ec01

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162565
cf-polished: origSize=2388, status=webp_bigger
x-guploader-uploadid: ABg5-UxogkAUjisk1iASwIWDyvRqOVneA9ouc-AFoegcwQx4G0SaJGI2W7PhNj--aIQMNtJlxwGpzr9x3_-wStAEl__id74rUQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1978
cf-request-id: 09ce666f250000c2b83b929000000001
last-modified: Tue, 27 Apr 2021 16:10:36 GMT
server: cloudflare
etag: "b77cbbb032cc598217b8f0a62d999ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=7wh/qQ==, md5=t3y7sDLMWYIXuPCmLZmezQ==
x-goog-generation: 1619539836952170
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:09:20 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2388
accept-ranges: bytes
cf-ray: 6490d9c50ea8c2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2094386
image.vuukle.com/ Frame 8686 5 KB
6 KB 87ms
62ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094386
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e91dec2ff14351b0d8bdebc878cab1e8b1763a9b967974bf87cbc9a2267055c

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162565
cf-polished: origSize=5988, status=webp_bigger
x-guploader-uploadid: ABg5-Ux_vyyf6yQNQxYDI9NH-YOet5yBe5hBOjWdDQ1A-ok0BXLqFp_g2cFyOZPKLb_b2gOdwj4KPcde_L23A0ckTL_px1qx3A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5625
cf-request-id: 09ce666f250000c2b875966000000001
last-modified: Wed, 28 Apr 2021 05:04:04 GMT
server: cloudflare
etag: "6a51f519330ba2847c33eeabcc190184"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=4sxvOg==, md5=alH1GTMLooR8M+6rzBkBhA==
x-goog-generation: 1619586244926403
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:09:20 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5988
accept-ranges: bytes
cf-ray: 6490d9c50eaac2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2095313
image.vuukle.com/ Frame 8686 4 KB
5 KB 54ms
38ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2095313
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1e2c0fa1a126e57a570f594b2ce8c552a3ca5b250f5045478701dc7fffbb3d

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 50687
cf-polished: origSize=4913, status=webp_bigger
x-guploader-uploadid: ABg5-Uw1dZvR2_aVuT7D7HWBpm8KbRpAL-7RsJjzgTKtJmjH0HrammuiQl94XqXu4zI2wVheoxPICMMRO1JSPnHope8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4546
cf-request-id: 09ce666f260000c2b80fa8e000000001
last-modified: Sat, 01 May 2021 16:50:05 GMT
server: cloudflare
etag: "3ecb3088f25644f4fe40ad35938144a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=u2DXQw==, md5=PsswiPJWRPT+QK01k4FEog==
x-goog-generation: 1619887805960541
content-type: image/jpeg
expires: Sat, 01 May 2021 22:13:58 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4913
accept-ranges: bytes
cf-ray: 6490d9c50eabc2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2094130
image.vuukle.com/ Frame 8686 6 KB
7 KB 31ms
15ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094130
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe00434ab732b75eb8b5f35f3ee171c96151a228fce0a80a1b475ab4ccf06ce4

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162446
cf-polished: origSize=6743, status=webp_bigger
x-guploader-uploadid: ABg5-UwgH5RSDytHw-FNiyMZPAuqMU5QDbZTy0bZPtt7osmV9SBi4Z1-ORPNCZdox69gcFCSAQFufoqfwV4b1z4bR1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6327
cf-request-id: 09ce666f260000c2b834899000000001
last-modified: Tue, 27 Apr 2021 05:02:28 GMT
server: cloudflare
etag: "de15707b39625f205b4884b01dfee1d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=4pSAPw==, md5=3hVwezliXyBbSISwHf7h0A==
x-goog-generation: 1619499748102613
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:11:19 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6743
accept-ranges: bytes
cf-ray: 6490d9c50eacc2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2094665
image.vuukle.com/ Frame 8686 6 KB
7 KB 54ms
38ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094665
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8816cb4a7171fe38b2b9361f50651ab03b167452fa0ed4080e575cf77ae930f

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162565
cf-polished: origSize=6478, status=webp_bigger
x-guploader-uploadid: ABg5-UwX7Uw-JJ1pEzkU2hSxN0sjuNgpwxvj0MvDAxyas7h5fVBvEXRHfURzYqABNV2eFw6hoqoQe_MEN1LDiKlZDew
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6103
cf-request-id: 09ce666f260000c2b86c073000000001
last-modified: Thu, 29 Apr 2021 10:52:10 GMT
server: cloudflare
etag: "28298405eb174335957e686da9350a0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Q/kkZg==, md5=KCmEBesXQzWVfmhtqTUKDw==
x-goog-generation: 1619693530603057
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:09:20 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6478
accept-ranges: bytes
cf-ray: 6490d9c50eaec2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2094133
image.vuukle.com/ Frame 8686 4 KB
5 KB 57ms
42ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094133
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0ce424c7288360782df3ad9ec7095496b60fecab490974863b627d39aa04f8a

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162446
cf-polished: origSize=4555, status=webp_bigger
x-guploader-uploadid: ABg5-Uy50NCqNsUhbViaLXm5TRC1cEzvq1wehp-GkkTHKYG74OBUEN1tvtWIC7aAWzS0_TJkiGGWgAn3F2vm9TVvLKM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4242
cf-request-id: 09ce666f270000c2b8178af000000001
last-modified: Tue, 27 Apr 2021 06:11:51 GMT
server: cloudflare
etag: "7a5e8b4f7f104bd2178175d6fdb3cf14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=zqT7pA==, md5=el6LT38QS9IXgXXW/bPPFA==
x-goog-generation: 1619503911611512
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:11:19 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4555
accept-ranges: bytes
cf-ray: 6490d9c50eafc2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2093841
image.vuukle.com/ Frame 8686 6 KB
7 KB 49ms
42ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2093841
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0dc238278b7bdf2ce071b5bacc67c4d2662066059d2101eeedd792a99cf101f

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162446
cf-polished: origSize=6677, status=webp_bigger
x-guploader-uploadid: ABg5-UyB02-tO3LAeP6jdJDofWzamN4aUlfy9IWAvdCb5qWzMQh2bLYdCocQAVq30I7LFgkHWerMS48jJKMp8Bhq1hzrljSJFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6296
cf-request-id: 09ce666f270000c2b875218000000001
last-modified: Sun, 25 Apr 2021 16:17:59 GMT
server: cloudflare
etag: "5bdcc232e2cffd7fa4dc4b276960dddc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=oIeOkA==, md5=W9zCMuLP/X+k3EsnaWDd3A==
x-goog-generation: 1619367479580233
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:11:19 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6677
accept-ranges: bytes
cf-ray: 6490d9c50eb1c2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 image-philstar.com-2094363
image.vuukle.com/ Frame 8686 7 KB
7 KB 42ms
36ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/image-philstar.com-2094363
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ff09865a992aa8911c7bf6ff55aa4bb41da68c52924b2b689f6f6ee251f2a8

Request headers

Referer: https://cdn.vuukle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
cf-cache-status: HIT
age: 162565
cf-polished: origSize=7316, status=webp_bigger
x-guploader-uploadid: ABg5-Uz94Zt77xn0tlgNiYbs6crbWBdqS4sH1nKG8sYp-TDdLtus_f3QdempYhwLXtPNBWdpH8-1GFbjukq2o7HIja8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6812
cf-request-id: 09ce666f270000c2b842876000000001
last-modified: Wed, 28 Apr 2021 00:15:12 GMT
server: cloudflare
etag: "35b7157464eac244a44e0de98d3ea391"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=p5+qiA==, md5=NbcVdGTqwkSkTg3pjT6jkQ==
x-goog-generation: 1619568912966397
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:09:20 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 7316
accept-ranges: bytes
cf-ray: 6490d9c50eb3c2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 8E70 335 KB
95 KB 26ms
9ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d0a162d28a06106f038a1c1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 34bcaf7c0514ae4b7a37c2bcd201d707b82488434dce6962802bc6e671710184

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwS9-EV3VoNkoyPBUskjhRtEnfNbDYmI_jOqNRbuuCBAhaYH51J9SDIduC94ruMdbZAwgkP1He09Qhv-CVJo4U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 96867
last-modified: Sun, 02 May 2021 06:47:25 GMT
server: UploadServer
etag: "4a93930f0ece2792b76a8dfcebe4401d"
vary: Accept-Encoding
x-goog-hash: crc32c=bR0nDg==, md5=SpOTDw7OJ5K3ao386+RAHQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1619938045172692
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 96867
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 02 May 2021 11:23:45 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 459ms
116ms Fetch
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=ee088c7a9b94f20edba74cd98285060a_3357_1619954321522&tm=21707&eT=0&widgetWidth=638&widgetHeight=649&widgetX=309&widgetY=5278&wRV=2000324&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
X-TraceId: f7ad7f0ec78241c18dcc9d1f2a3fbb68
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 459ms
116ms Fetch
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=3102bc8c9d8d6f3c21fdcca9ead5634e_3357_1619954321716&tm=21734&eT=0&widgetWidth=638&widgetHeight=649&widgetX=309&widgetY=5937&wRV=2000324&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
X-TraceId: 51fd7b07b3d414f3833a50db8941dd68
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 467ms
117ms Fetch
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=5eaf69b02f6f9edd00042d7955583660_3357_1619954321801&tm=21738&eT=0&widgetWidth=0&widgetHeight=0&widgetX=160&widgetY=1200&wRV=2000324&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
X-TraceId: 69967cbe1f353c6ddd020587b07b84e2
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 topBox.js Show response
widgets.outbrain.com/nanoWidget/2000324/module/ 82 KB
21 KB 277ms
26ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000324/module/topBox.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3a49e28711888e7c418630d3f8cff5ac92cb81d2343825bab8ebcfb1a4a071d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
last-modified: Sun, 02 May 2021 10:54:42 GMT
server: AkamaiNetStorage
etag: "caa251751930f7ad85ec15a330b71a4c:1619954085.32303"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 21149

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net//common-scripts/ 7 KB
3 KB 46ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E93) / ASP.NET
Resource Hash: 9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
etag: "0963258943ad71:0"
last-modified: Mon, 26 Apr 2021 12:04:44 GMT
server: ECAcc (frc/8E93)
age: 513917
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3225

GET
H2 200 vendor.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 451 KB
154 KB 11ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20210429050410.54719
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=73376741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9A) / ASP.NET
Resource Hash: 43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
etag: "03dd7e3b53cd71:0"
last-modified: Thu, 29 Apr 2021 05:09:54 GMT
server: ECAcc (frc/8E9A)
age: 279067
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 157759

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8918 0
0 75ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYXlWOPpzrNol_h7ldN35n38vIEbet6mIt7WTnc1YdCZdlamxn9yJ_qEob49pIhsb69iL0045PjSyg9Q7NVD4Bu2ECc1N1lSqVFRRNlmuSa7vtzJJjuu29zHVKaBwpMqWOxKYhn1PH6tmV2oxvqCIifpjiPUYg_0lzLBQBfJUHiLycNqDLBffAf4GCgcJYGpgDwbg2hm-zxUpjpHKQaaSmSqCTa7hsEcg0u7jMV2BiYMJ8OKuUR2WXeshPhjhuYlHbFD6-h4OH5R-xF1qdGOGVwLnQr4lCuRu3svCcRQSANZQes4Qd-34JxU29WetJL8L89w&sai=AMfl-YQ9bB0JQEMkVNcJ3GIkQ1ahYukSdoUVaAcE-LnJdgZj7d2E6cx38mdmMxxRR5IJW5Z22eUXOrtfpee-9u3GZMIQwzWqHTJtMmPXsfzoZYKEiuj0kYTZDxGDyfHmbsvp&sig=Cg0ArKJSzJzvePKlHQ4eEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 GetAfpftpJs Show response
adgebra.co.in/afpf/ Frame 8918 10 KB
3 KB 395ms
363ms Script
text/javascript 2606:4700::6812:c6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel_27_1619954325671
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70798be1e72609824ee48e05422f8eeb09a2e395dc44556c5179281ef5491e36

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 02 May 2021 11:18:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache, public, no-cache
access-control-allow-credentials: true
cf-ray: 6490d9c7ae5418e5-FRA
cf-request-id: 09ce6670cf000018e5ef345000000001
expires: Sun, 02 May 2021 11:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8918 116 KB
35 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:45 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25A4 0
0 68ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2uF71Gqxce68-Uca3b_lvEcTaOBd2_fcDid6lXQ8qf-_tSpH0ZvLlo4YfJZgLw10-4T3WyZ58L15GqC_cQu9Ws6c9vsKLPmo1mVdUYPfXCeE2tvSzPh3ohgPXxebzAH_TFG3Il39mL0gLYLHdDNi6N8cOuTQAitYPnKSSu1v1ZEq_oCyUa6gH9A3YoMen0Pw5yhy6S9QBV6mhJia0d1HG1-EpAUGZkTWLqSXD_bv1xO5TaWte92lYjV1qWHQ7ez4Bw3IbTmUDK20o6_yyMDgVr5fWQ2Rvl0PY08Oviq2gyprN21b1gHvNXG-PVssnd5s8LbVA&sai=AMfl-YSLN3EQD1cv8v_drSJXX2N-GyT0nxX-cDt4bRJVVc20bBPmS4vU_YDmn9cMqGWFK3nOj3txsHDFsa09avbERrnKJ9FHM38gbBHgByd78sP9OwQfxv3osyK1I18l33c&sig=Cg0ArKJSzGoxuk6xKqxTEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 trafficexchange.js Show response
cdn.vuukle.com/widgets/ Frame 25A4 175 KB
54 KB 24ms
23ms Script
application/javascript 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/widgets/trafficexchange.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbcd47cf05b57738d274250a22482f850e472111608387b3eda2f7cc5e520067

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 162525
cf-polished: origSize=179486
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce6670f8000005dcbfa1d000000001
last-modified: Wed, 17 Feb 2021 08:05:07 GMT
server: cloudflare
etag: W/"602cce33-2bd1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=259200
cf-ray: 6490d9c7fa0d05dc-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25A4 116 KB
35 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:45 GMT

GET
H2 200 prebid-4.8.0.js Show response
cdn.jsdelivr.net/gh/bidder-dev/prebid@master/ Frame D5FF 345 KB
109 KB 34ms
11ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js

Requested by

Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/98948493/philstar_com_footad/sa-script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41127b21dacb1a82ea917908bea924f66a2ae1da8620b1b375da94ff2a5b5848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31293
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 111100
etag: W/"563e9-0gFeVKq+qBkGJsNd/3MQP+JTBmI"
x-served-by: cache-fra19123-FRA
date: Sun, 02 May 2021 11:18:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA81 0
0 66ms
65ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE7D7Q4gozhAUVX3baUKbgQ8sdfgjJzEZcZG3FnX4dhNexgkbcxGNCnfIuJmw9hyB_jhRriNfrtJl_z1kBnIJKJoW0VGMqMITHa-3sUTJSXY4W_XBQ_9Arcce63gPKhCB5EQ7affYx1OfqrJXokQim4aiZrTGKvPqFF0CEKgrWCXDzdSyEP48J7UakNSIBFeLRrmYG41PXCxPdChtp-fTqUbuWF_hnR9b_SVBJ5bSIbqBedK_vXT-6gOuA6HRvulBqxGof24NTbMJ1Ub7cUxJCpnnug8bqM2OFi1dTgQ709IqakOJkQ_C9HCgCvLiFz8yENYlu6QPDUg&sig=Cg0ArKJSzN5ieRqpLCr1EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:45 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 123ms
120ms Fetch
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5eaf69b02f6f9edd00042d7955583660&pvId=bc30c015ba80c98a3402ed5ceb7ca16e&sid=4856955&pid=3357&idx=2&wId=113&pad=0&org=0&tm=22142&eT=3&cnsnt=no_consent&wRV=2000324&pVis=0&lsd=-1&eIdx=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 11:18:45 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e0a19278c26982fd9447ca72c181fcf3
Content-Length: 4
Expires: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 128ms
57ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=734&ts=1619954326140&env=js-web&pageId=31589&pid=40694&auctid=058bac79-e3d1-4447-aeb7-c971e98e2b24&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 134ms
64ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=058bac79-e3d1-4447-aeb7-c971e98e2b24&pageId=31589&pid=40694&debug_metadata=zI9W2xQF1g&fv=734&ts=1619954326144&f=1&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 140ms
70ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=058bac79-e3d1-4447-aeb7-c971e98e2b24&pageId=31589&pid=40694&slot=native&fv=734&ts=1619954326159&f=1&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 140ms
71ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=734&ts=1619954326195&env=js-web&pageId=31589&pid=101238&auctid=fb4e938e-371f-4e4c-898d-431b0a014500&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 136ms
73ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=fb4e938e-371f-4e4c-898d-431b0a014500&pageId=31589&pid=101238&debug_metadata=8vX8Mkkn6v&fv=734&ts=1619954326196&f=1&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 138ms
80ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=fb4e938e-371f-4e4c-898d-431b0a014500&pageId=31589&pid=101238&slot=multislot&fv=734&ts=1619954326228&f=1&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326246&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326246&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

64 B
329 B

95ms
93ms

Image
image/gif

13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326246&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=13795396&cs_ucfr=
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 6Mo6tPF-6zDM6XPuJmg4vg45I_RmJ1XUrLkZM10Inej5hbXDt0epsg==

Redirect headers

date: Sun, 02 May 2021 11:18:46 GMT
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326246&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=13795396&cs_ucfr=
content-length: 302
x-amz-cf-id: Equ9TMhRlDpUsvWikah-QMeghaSmHZUULsLteyNrfNaIKHxSgswTAQ==

GET
H2 200 ad Show response
a.teads.tv/page/31589/ 493 B
545 B 1154ms
68ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/31589/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&page=%7B%22id%22%3A31589%2C%22placements%22%3A%5B%7B%22id%22%3A40694%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A638%2C%22height%22%3A359%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=058bac79-e3d1-4447-aeb7-c971e98e2b24&formatVersion=734&env=js-web&netBw=9.4&ttfb=367
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f9e0747d414537dcba0dede156daed5fd0a898b16a7f2d7e2ad3ae008514c24

Request headers

Accept: application/json; charset=UTF-8
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.philstar.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 337
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326248&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326248&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

64 B
328 B

95ms
94ms

Image
image/gif

13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326248&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24473453&cs_ucfr=
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 1SuykvYAb2OlpuV8lr9T2OrNSwhMBMqMbtoS9-S6ef9-DdVIjt223w==

Redirect headers

date: Sun, 02 May 2021 11:18:46 GMT
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619954326248&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24473453&cs_ucfr=
content-length: 302
x-amz-cf-id: 3062iX375GTfFehj39Da2uX4QSyBPWzmB3EtgpjgzxGSBo_WlxxZGA==

GET
H2 200 ad Show response
a.teads.tv/page/31589/ 495 B
548 B 1142ms
59ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/31589/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&page=%7B%22id%22%3A31589%2C%22placements%22%3A%5B%7B%22id%22%3A101238%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A638%2C%22height%22%3A359%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=fb4e938e-371f-4e4c-898d-431b0a014500&formatVersion=734&env=js-web&netBw=9.4&ttfb=367
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 891ebcbf3e4aa5e19f4a33807e1c387a0e8b64903f65ad6bbbe9ffcb5d5d4c54

Request headers

Accept: application/json; charset=UTF-8
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.philstar.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 340
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H2 200 eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 38 KB
39 KB 311ms
21ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 109667bae925ceacad5b2df510649093d44cffea37c2568002c7b7c4a6848a47

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
cache-control: max-age=2289556
last-modified: Mon, 22 Feb 2021 14:58:50 GMT
x-traceid: 1f90fbfebe7139b2be1bb3f902c30412
timing-allow-origin: *
content-length: 39360
content-type: image/webp

GET
H2 200 search Show response
adsparc.bbvms.com/json/ Frame 0A23 8 KB
2 KB 123ms
93ms XHR
application/json 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsparc.bbvms.com/json/search?limit=10&fq%5B%5D=typeSort%3A%22MediaClip%22%20AND%20(((typeSort%3AMediaClip%20AND%20(catSort%3A%22Philstar0407%22))))&query=(headlines%20solgens%20office%20looking%20reported%20data%20breach)%5E15%20OR%20*%3A*%5E1
Requested by: Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20210428.082554/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 024c54187484393cc7ef56c4ee65856bbf332554cd2f9414be8d6c44b259e3e8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-ovp-host: vms-prod-frontend-spot-10-1-17-35
pragma: no-cache
access-control-allow-origin: *
server: Apache
vary: Accept-Encoding
content-type: application/json; charset="utf-8"
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate
content-length: 1623
x-amz-cf-id: fQHae-RmjTUGrQnEyph4ZyMVM-cpOPsfkgp2QoibJv1JeOKpyCXvBw==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D5FF 300 KB
106 KB 43ms
38ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:46 GMT

GET
DATA 200
OK truncated
/ Frame 8918 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb376892a60a74f25fe24215073b4d9a30921f482bdd8007b160f7fadece604

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25A4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92e46adbdbbef1bf8f76b7a55f91fc524e785c2b425c3f7f688587f93c607e1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 0A23 2 KB
1 KB 35ms
11ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210502

Requested by

Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/scripts/prebid/bluebillywig_pbjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b27050349267addb4321d5cc3f308f8ff112c47a67724082fd20abbadc101b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29855
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 931
etag: W/"676-7MS5knvmcu11GqT5cxo8yprUYvQ"
x-served-by: cache-fra19177-FRA
date: Sun, 02 May 2021 11:18:47 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 b
sb.scorecardresearch.com/ Frame E427 0
336 B 64ms
63ms Image
text/plain 13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=3357&cs_ucfr=1&ns__t=1619954327071&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D3357%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DNL&c9=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: oOfbQ_t4hXq4ZNBTkzEYHfpkyYHXBkxaghm8uy5LQ6pdevgwGFqsow==
x-cache: Miss from cloudfront

GET
H2 200 track
track1.aniview.com/ 0
71 B 567ms
106ms Image
text/plain 54.89.48.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.philstar.com&sn=&ic=0&tgt=0&app=&wi=336&he=280&test=&apppkg=&fv=3&proto=https&pid=5d0a162d28a06106f038a1c1&cid=5d9708a028a061666e462fd1&e=inventory&vi=0&cb=1619954327118
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 228 B
954 B 1398ms
23ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 006808e7561e56e9b6640ee5adc19db30016c993f95414a8e8045b33a244a64e

Request headers

Accept: */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 02 May 2021 11:18:48 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 325

GET
H2 200 1588580435555250.js Show response
adsparc.bbvms.com/p/philstar_com_instream/l/ 157 KB
26 KB 57ms
52ms Script
text/javascript 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsparc.bbvms.com/p/philstar_com_instream/l/1588580435555250.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4fd7cb3a575d35bf5192fce123f8936011a270848b3ecab277d441ff8f66c316

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:39 GMT
content-encoding: gzip
age: 8
x-cache: Hit from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-ovp-host: vms-prod-frontend-spot-10-1-19-22
access-control-allow-origin: *
server: Apache
vary: Host,Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
cache-control: public,max-age=90
x-amz-cf-pop: AMS1-C1
content-length: 26353
x-amz-cf-id: VkLBMD4cjw6okVDSjtGvpdwuXOVkeXNQtXJVIu3hp-3EGcWBgEPPww==
expires: Sun, 02 May 2021 11:20:09 GMT

OPTIONS
H3-29 204 getStories
api.vuukle.com/api/v1/Articles/ Frame 0
0 186ms
186ms Preflight 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vuukle.com/api/v1/Articles/getStories?host=wegotthiscovered.com
Protocol: H3-29
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.philstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
access-control-allow-credentials: true
x-varnish: 524700075
age: 0
via: 1.1 varnish (Varnish/6.2)
access-control-allow-origin: https://www.philstar.com
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-credentiails: true
cf-cache-status: DYNAMIC
cf-request-id: 09ce66773c000007466e04d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6490d9d1ffa90746-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 getStories Show response
api.vuukle.com/api/v1/Articles/ Frame 25A4 648 B
1001 B 176ms
175ms XHR
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vuukle.com/api/v1/Articles/getStories?host=wegotthiscovered.com

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/widgets/trafficexchange.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f83a7c8d2dbb9c5c6554625637bc6480076da9eae101084e84eb9f4de3debb

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
age: 24
access-control-allow-credentiails: true
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ce6677f4000007466e05e000000001
x-varnish: 525637115 525571048
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.philstar.com
x-xss-protection: 1
access-control-allow-credentials: true
cf-ray: 6490d9d31a420746-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 conversion-rates.json Show response
static.amp.services/currency/ Frame D5FF 154 B
1 KB 117ms
80ms XHR
binary/octet-stream 2606:4700:3030::6815:2045
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amp.services/currency/conversion-rates.json
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2045 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35582db90b0fd9190b329a325bffe96ea1e0cd94d926b3e985defb6fd41ea5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4QX2J6NE82739HY1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 154
x-amz-id-2: Put9+1Bt3n7fAjFsoXkzY07u6l75Yfj2PwCaPIUcLO/+BCVt8WMsCIQjIfIgnTFdIhGWDlMtJPU=
last-modified: Sun, 02 May 2021 06:06:16 GMT
server: cloudflare
etag: "27ecbad97060205f3c2a01669fc67ebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tFBS5QerAtsbI09rKglawuTxOuGLNY7gggwfeOMGrrkf1Rn2BXD0S%2BugZxtqFtBRUhtt17Srglq5h2yzSHTMd3KF5Tdce85dV%2Fvf9yFTYDfNZrssJCMpwprBLQOXQ%2F4v"}]}
content-type: binary/octet-stream
access-control-allow-origin: *
cf-request-id: 09ce6677ae000005e9e4beb000000001
cf-ray: 6490d9d2bfd005e9-FRA

GET
H2 200 / Show response
adx.adform.net/adx/ Frame D5FF 10 B
548 B 417ms
78ms XHR
application/json 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTk0MzQ5MiZ0cmFuc2FjdGlvbklkPWFkZmE5MjQ5LWJiMmMtNGIyNC04MTk1LWE4MjFlZmE3ZjE4MCZyY3VyPVVTRA%3D%3D&bWlkPTk0MzQ5MSZ0cmFuc2FjdGlvbklkPWFkZmE5MjQ5LWJiMmMtNGIyNC04MTk1LWE4MjFlZmE3ZjE4MCZyY3VyPVVTRA%3D%3D&pt=gross&stid=7fa2e939-0897-4091-a4f3-7b808f8b4108&eids=eyJwdWJjaWQub3JnIjp7IjJhY2U5Mjk3LWRmZGMtNDZjZC05ZGQ2LTVlMWU1NDJlOTUyZiI6WzFdfX0%3D&fd=1

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

GET arj
adsparc-d.openx.net/w/1.0/ Frame D5FF 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D5FF 260 B
1 KB 48ms
47ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a6d25f5b253516aa806d92678860f90d07282892204cb5d7d7769c97b0803d21

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 11:18:47 GMT
X-Proxy-Origin: 195.181.173.201; 195.181.173.201; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.240:80
AN-X-Request-Uuid: edd347ec-50ea-4806-bd5c-e0b27b79c499
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.philstar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame D5FF 99 B
516 B 1366ms
47ms XHR
application/json 3.127.73.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%222169514f2855bf5%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22streamamp.com%22%2C%22sid%22%3A%22%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211648a64217546a%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22420444%2C%22tid%22%3A%22adfa9249-bb2c-4b24-8195-a821efa7f180%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.73.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e9befeb197e5da15bd9c88d9ad8dee9522a42d90cc8755c0852d1675bd397825

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.philstar.com
date: Sun, 02 May 2021 11:18:48 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ Frame D5FF 95 B
512 B 1343ms
24ms XHR
application/json 3.127.73.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%222203afddb6ef821%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22streamamp.com%22%2C%22sid%22%3A%22%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212fd568e0559a27%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22420442%2C%22tid%22%3A%22adfa9249-bb2c-4b24-8195-a821efa7f180%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.73.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ec0de40d49e1e7f738a67dadf6ed83fa09848704ecd0dedcdc6d7aaf72763bf2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.philstar.com
date: Sun, 02 May 2021 11:18:48 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 95
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D5FF 0
324 B 336ms
26ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:47 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D5FF 0
324 B 363ms
25ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:46 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame D5FF 0
117 B 1382ms
65ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/prebid-4.8.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.philstar.com
date: Sun, 02 May 2021 11:18:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET /
go1.aniview.com/api/adserver/tag/ 0
0

GET
H2 200 main.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 78 KB
25 KB 9ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/main.js?v=4.0.v20210429050410.54719
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F35) / ASP.NET
Resource Hash: aa643aca8d5fa444b863a9ddb8ab5b4451637ee4cab23b668455e2ad4530b02a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
etag: "03dd7e3b53cd71:0"
last-modified: Thu, 29 Apr 2021 05:09:54 GMT
server: ECAcc (frc/8F35)
age: 279069
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 25517

GET
H2 200 bwcheck.jpg
adsparc.bbvms.com/player/common/ Frame 0A23 31 KB
31 KB 18ms
18ms Image
image/jpeg 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsparc.bbvms.com/player/common/bwcheck.jpg?1619954327495
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3d84266328f1d7697858c57b90580a31d14880698ee486e37b3293daafd1bfe5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 19:30:48 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 11:00:18 GMT
server: Apache
age: 56879
etag: "7a4d-5c0513c2cb480"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 31309
x-amz-cf-id: GGrNObxqr0o--v73waukHH2faE57YpjIpUqaELaCONRY4o7csfAncg==

GET
H2 200 afphChild.js Show response
adgebra.co.in/afph/ Frame 8918 6 KB
3 KB 326ms
324ms Script
application/javascript 2606:4700::6812:c6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afph/afphChild.js?p1=191&p2=0&p3=0&rnd=21050213
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel_27_1619954325671
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c45cb6b32d493725c1165e6e82f714fc3a6eca6b492e939c34ecc7410a9ec4e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 23 Oct 2020 07:45:15 GMT
server: cloudflare
etag: W/"6354-1603439115000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
cf-ray: 6490d9d3097618e5-FRA
cf-request-id: 09ce6677e2000018e51b8c9000000001
expires: Sun, 02 May 2021 13:18:47 GMT

GET
H2 200 GetMetaDetails Show response
adgebra.co.in/Adg_Analytics/ Frame 8918 0
411 B 427ms
398ms XHR
application/json 2606:4700::6812:c6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/Adg_Analytics/GetMetaDetails?docurl=vuukle-philstar.com&rand=24
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel_27_1619954325671
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6490d9d33a684a92-FRA
content-length: 0
cf-request-id: 09ce6677fe00004a92522ec000000001
expires: Sun, 02 May 2021 11:18:46 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25A4 0
0 68ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstup-UqnkZyYaY38tkVpRXvW9yMlADnZK3epYxr8XOPvRr6J6sMA-Okms2ivNLGvcgdfCPlTWuM7nZqi9a-Y4Yt-04aNMnTqUjHQVmyrRr__ZYGAbM8uUwk1cbPJceWTrWFyFMAIhM5QuI_VhOaqezNoKGL29YwCidks9XBCI-G4Szq0Ik680yK5F_UNmL7wTT9zInN1qVWB7yzQ3MTMmbyQi5q3HcVrpE5StG-i-9jafDtkFqjCPmcthylM-HcvBXccPT3gGuzVOWA9ByqkXnjUhU3D85bIT6DlJCOswz6qPu4q_y7QY4Ut6cK_Ruk8gmEZiN_EhQ&sai=AMfl-YS4u6xvwLoPdSXgfXqsAZ5AMyf-wU6AHRYZt-a3xf-bztShvZae3Tw7a2QiMfUYmICA4MnFEhFOBz1VCbKwMwXM361NqlR8kU6yzLNEFWTDQdNK3Y5P5j0KZ5S39mc&sig=Cg0ArKJSzKh09qgTxqbZEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F441 61 KB
21 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.teads.tv
URL: https://a.teads.tv/page/31589/tag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04270931118898ee0c5a4c5dd3a5e2c5a383b45d6a41f385998fd62021403451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "859 / 487 of 1000 / last-modified: 1619820675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21179
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 63ms
55ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=fb4e938e-371f-4e4c-898d-431b0a014500&pageId=31589&pid=101238&slot=multislot&vid=a1a71da519e5a08d4fc71e9acf7738d57954d6c7&fv=734&ts=1619954327551&f=1&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3F53 61 KB
21 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.teads.tv
URL: https://a.teads.tv/page/31589/tag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "859 / 926 of 1000 / last-modified: 1619820605"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21191
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 59ms
59ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=058bac79-e3d1-4447-aeb7-c971e98e2b24&pageId=31589&pid=40694&slot=native&vid=a1a71da519e5a08d4fc71e9acf7738d57954d6c7&fv=734&ts=1619954327614&f=1&referer=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H/1.1 206
Partial Content 5ef8b6039749b260072caa41.mp4
cdn.vidcrunch.com/ Frame EA81 64 KB
0 105ms
19ms Media
video/mp4 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5ef8b6039749b260072caa41.mp4?channelId=5d9708a028a061666e462fd1
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 02 May 2021 11:18:47 GMT
Last-Modified: Thu, 28 Jan 2021 11:05:25 GMT
Server: AmazonS3
x-amz-request-id: BED9BC35C0C4750C
ETag: "44c9ca40dab937ab6c748b4af3778ebd"
X-HW: 1619954327.dop210.am5.t,1619954327.cds007.am5.shn,1619954327.dop210.am5.t,1619954327.cds206.am5.c
Content-Type: video/mp4
Content-Range: bytes 0-2722508/2722509
Cache-Control: max-age=23413721
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 2722509
x-amz-id-2: BKh0WTuO8M/KS336GMgmNJ/BtSzzefh1XXf3cQFtHn9ShJUkDTj5ZUkd7/PIOJzOHGz4sXaGk18=

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame D5FF 107 B
799 B 44ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D5FF 107 B
122 B 19ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D5FF 8 KB
4 KB 228ms
224ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=16429070328394&correlator=1157609518794805&output=ldjh&impl=fif&eid=31060789%2C31060853%2C31060939%2C31060321%2C31060795%2C21065724&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210502&iu_parts=98948493%2CPhilstar_Adsuite_FootAd_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C468x60%7C320x100%7C728x90&prev_scp=floors_id%3Dcontrol%26floors_noresponse%3Dno%26floors_responsetime%3Dlimit&eri=1&cookie=ID%3D192432892bf58148-22fb18c4fac700c5%3AT%3D1619954322%3AS%3DALNI_MZ6VS0IroFd5q3DDUCYbVTweTeOgg&cdm=www.philstar.com&bc=31&abxe=1&lmt=1619954327&dt=1619954327648&dlt=1619954322791&idt=4845&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=640&adys=1200&adks=2980635741&ucis=8wgemu8oadlf&ifi=1&ifk=2389204924&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&top=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x50&msz=1600x50&ga_vid=894779505.1619954328&ga_sid=1619954328&ga_hid=238745100&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b919eda1c544f287b76425e330bdea3c37af2ee1144108b2d584bd3f96af5b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4212
x-xss-protection: 0
google-lineitem-id: 5658433357
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345116858
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ba1ac50216168ee8aefb4809e381c37f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5FF 0
0 69ms
16ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ba1ac50216168ee8aefb4809e381c37f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame D5FF 0
0 16ms
14ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EA81 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A23 0
0 69ms
67ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl_cTQukgVZru7n8smzWV3ra43xrMisuYYfS6juL0fSQ7Hd2bEklftSTGj1_K6a6ns7dt53TFKVQDFpA2vwqIE4Wf1RZaSiCxnaNeSZU6tbknCJ_viOvwf2eLnBFjCMVaSRy7BUp8K86FFmmKQrok-ehd44I2QEtHwMftal8EmGGqbRJNlrXJILXVhCnXGCzej8GDe4H2OBpX2jiNAg5znwORx-gSzI0aDtGYTd_9jwwEzBlLjrYla_y7B9Fxh_B-srKfqOdxJFbEi5h8TMp7UtEjKeGbS_fgqtytz6eM5Iz7eV7RNGfSgCm0ys4wKuQ-hOGTkVP2mF1l8SjYwIQ&sig=Cg0ArKJSzK6SaPdedTOCEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H2 200 bluebillywig_pbjs.js Show response
cdn.bluebillywig.com/scripts/prebid/ 494 KB
155 KB 16ms
10ms Script
application/javascript 2600:9000:214f:6000:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/scripts/prebid/bluebillywig_pbjs.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8572bff3fc6c5d160fa45f66ae04461f0c932a3fa3c2a39d5234aaf3924f3d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:05:16 GMT
content-encoding: gzip
age: 1219
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 11:58:17 GMT
server: AmazonS3
etag: W/"50d30deabbbf7cb6754f71f0af47d89b"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST
content-type: application/javascript
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: iGa0MSjyQj54nn_lLMHQDKl4UHlp-iIwPjRhtIxtQAkMHGn1B0jJJQ==

GET
H2 200 philstar_com_instream.js Show response
adsparc.bbvms.com/b/ 19 KB
6 KB 158ms
153ms Script
text/javascript 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsparc.bbvms.com/b/philstar_com_instream.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f4534fca22e53b1ec3346fbfec5df2adb2360ea9d9d299a6c4a4d077cb669850

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ovp-host: vms-prod-frontend-spot-10-1-18-90
date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: AMS1-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: public,max-age=90
content-type: text/javascript;charset=UTF-8
content-length: 5950
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-id: ENohJaS4fM9MZadIDr3eRYs9H8IuY6E1JzfuGnp0q-io8KJDtHN_SQ==
expires: Sun, 02 May 2021 11:20:17 GMT

GET
H2 200 player.js Show response
cdn.bluebillywig.com/apps/player/20210428.082554/ 929 KB
297 KB 16ms
11ms Script
application/javascript 2600:9000:214f:6000:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/apps/player/20210428.082554/player.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb1349ef3e6413f29bcace687484420ee0679fa9c5eb58d2b9da64120cc67d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:56:34 GMT
content-encoding: gzip
age: 1336
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 28 Apr 2021 08:26:28 GMT
server: AmazonS3
etag: W/"adae61d05c045cd6fedc2379f083df12"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST
content-type: application/javascript
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public,max-age=1209600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 9KHhMsdkGpFH_IKxcgGLT1gfj3qLigfQcgEGUCPh2as9fe-EiqpMJg==

GET
H3-29 200 pubads_impl_2021042901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F441 298 KB
105 KB 52ms
42ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107611
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H3-29 200 image-bossip.com-2008751
image.vuukle.com/highres/ Frame 25A4 19 KB
19 KB 21ms
16ms Image
image/jpeg 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vuukle.com/highres/image-bossip.com-2008751
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49ee1956f2cf8a744629882d3ad464b927c70a97383e4fe09deaeb3b8cc3aab7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
cf-cache-status: HIT
age: 162501
cf-polished: origSize=38986, status=webp_bigger
x-guploader-uploadid: ABg5-UzVNXWmnhafH0Vth6j3RxpThHAD3eDYMbi-IV55qVhluNYkf3T7vMvIt1I-WQ5er6x4q5pr5cxzVYhyWPP4FBwLgugQlQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18980
cf-request-id: 09ce66791d0000c2b81f28a000000001
last-modified: Tue, 20 Apr 2021 21:30:03 GMT
server: cloudflare
etag: "0ea6326b2e247242e0621509b805e20f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=p/rGJg==, md5=DqYyay4kckLgYhUJuAXiDw==
x-goog-generation: 1618954203569423
content-type: image/jpeg
expires: Fri, 30 Apr 2021 15:10:26 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 38986
accept-ranges: bytes
cf-ray: 6490d9d4fff2c2b8-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 pubads_impl_2021042701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3F53 301 KB
106 KB 53ms
40ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108684
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H2 200 zone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 43 KB
13 KB 35ms
22ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 790281
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12870
cf-request-id: 09ce66797d00002c0dc6b7e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04044-ac73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WIHG1m%2B7AuqhhVyZJ3jKLBbLSFslCEzfUsMvRu1Y4EVpcnCxs2AvSzNBd8S4xLorTyxF509xm0KPbs7kI8CrprF0oUTMIxuYkxgu%2FfxAa4oV93efgUDHr153GjBEw7laEA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6490d9d59af42c0d-FRA
expires: Fri, 22 Apr 2022 11:18:47 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FBF 0
0 69ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcNa2qe2eu9OYNjfeZkhsRYWq2vaUha8B4hbyiqFsFM0ypx1CwvVB2hQS0thsQ2aI4RIp8S7HpjSafeXzQGHnKmz0M7j3uuMHcHC9Pb3lCx_joZK-hTz0uP8YOUssEzlMPv6R-WxXTQ55TS3fbGcYa4QY1eGkUaqbgPhsBvGAbFEVPx3yODQ56yhyrbKjrNZf7bNxFWQYP3-QG90I-Uz0TyIipc_3iBzEWm1yTpnLcxvvJQRY5QMyEV0-G7-8qFgUW8ricH_xTTw2vvUFkLwzpoy-UYmoZPhVppkJJZxb-IdcsNwKi1YFBWGHiVA&sig=Cg0ArKJSzNFQNtKFoP1hEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4FBF 132 KB
47 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47851
x-xss-protection: 0
server: cafe
etag: 9950050495859225628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 May 2021 11:18:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FBF 116 KB
35 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:48 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5FF 72 KB
27 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:48 GMT

GET
H2 200 TPHtmlTemplate Show response
adgebra.co.in/afpf/ Frame 8918 0
238 B 352ms
338ms XHR
application/json 2606:4700::6812:c6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/TPHtmlTemplate?p1=191&p2=null&p3=1&p6=244&p7=0&p8=0&p4=vuukle-philstar.com
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel_27_1619954325671
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 02 May 2021 11:18:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, public, no-cache
access-control-allow-credentials: true
cf-ray: 6490d9d6fa2f4a92-FRA
content-length: 0
cf-request-id: 09ce667a5900004a9263358000000001
expires: Sun, 02 May 2021 11:18:47 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame F441 107 B
122 B 43ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F441 107 B
122 B 28ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads
securepubads.g.doubleclick.net/gampad/ Frame F441 8 KB
4 KB 618ms
617ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2161844607201388&correlator=540811350379427&output=ldjh&impl=fif&eid=31060784%2C31060853%2C31060950&vrg=2021042901&ptt=17&sc=1&sfv=1-0-38&ecs=20210502&iu_parts=1015401%2CTeads_PSTAR-Passback%2Cin-article&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C300x250&eri=2&cookie=ID%3D192432892bf58148%3AT%3D1619954322%3AS%3DALNI_Mb6lyorKR2ZuAIXmpHb1A903S497A&cdm=www.philstar.com&bc=31&abxe=1&lmt=1619954328&dt=1619954328313&dlt=1619954327577&idt=614&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=628&adys=2234&adks=2236405036&ucis=mt45m3xp0lsn&ifi=1&ifk=680050134&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&top=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x1&ga_vid=1561198091.1619954328&ga_sid=1619954328&ga_hid=936859748&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4090
x-xss-protection: 0
google-lineitem-id: 5625792361
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340351946
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
44e81175b4c73a1e0ed4a1744e218e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F441 0
0 41ms
15ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://44e81175b4c73a1e0ed4a1744e218e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame F441 0
0 7ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 search Show response
adsparc.bbvms.com/json/ 8 KB
2 KB 165ms
165ms XHR
application/json 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adsparc.bbvms.com/json/search?limit=10&fq%5B%5D=typeSort%3A%22MediaClip%22%20AND%20(((typeSort%3AMediaClip%20AND%20(catSort%3A%22Philstar0407%22))))&query=(department%20of%20justice%20AND%20menardo%20guevarra%20AND%20office%20of%20the%20solicitor%20general)%5E75%20OR%20(department%20of%20justice%20menardo%20guevarra%20office%20of%20the%20solicitor%20general)%5E60%20OR%20(%22doj%3A%20solgen%27s%20office%20looking%20into%20reported%20data%20breach%22)%5E45%20OR%20(solgens%20office%20looking%20reported%20data%20breach)%5E30%20OR%20(headlines%20solgens%20office%20looking%20reported%20data%20breach)%5E15%20OR%20*%3A*%5E1
Requested by: Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20210428.082554/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8de9b1513491545a3d4cde8339df6327b90ce90f75c887545b36ce7d31bedf2f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-ovp-host: vms-prod-frontend-spot-10-1-18-117
pragma: no-cache
access-control-allow-origin: *
server: Apache
vary: Accept-Encoding
content-type: application/json; charset="utf-8"
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate
content-length: 1655
x-amz-cf-id: SV5LZ_NoB3CYC0QFf-d5rok8RC4_3v_8pWaePV34cpAGv-GAQYRAwQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 206
Partial Content 5ef8b6039749b260072caa41.mp4
cdn.vidcrunch.com/ Frame EA81 67 KB
67 KB 1048ms
15ms Media
video/mp4 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5ef8b6039749b260072caa41.mp4?channelId=5d9708a028a061666e462fd1
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=2654208-

Response headers

Date: Sun, 02 May 2021 11:18:49 GMT
Last-Modified: Thu, 28 Jan 2021 11:05:25 GMT
Server: AmazonS3
x-amz-request-id: BED9BC35C0C4750C
ETag: "44c9ca40dab937ab6c748b4af3778ebd"
X-HW: 1619954329.dop003.am5.shc,1619954329.dop003.am5.t,1619954329.cds206.am5.c
Content-Type: video/mp4
Content-Range: bytes 2654208-2722508/2722509
Cache-Control: max-age=23413719
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 68301
x-amz-id-2: BKh0WTuO8M/KS336GMgmNJ/BtSzzefh1XXf3cQFtHn9ShJUkDTj5ZUkd7/PIOJzOHGz4sXaGk18=

GET
H3-29 200 integrator.js
adservice.google.de/adsid/ Frame 3F53 107 B
122 B 21ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js
adservice.google.com/adsid/ Frame 3F53 107 B
122 B 23ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.philstar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 3F53 8 KB
4 KB 429ms
410ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3763835502989339&correlator=578789940518465&output=ldjh&impl=fif&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210502&iu_parts=1015401%2CTeads_PSTAR-Passback%2Cin-article&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C300x250&eri=2&cookie=ID%3D192432892bf58148%3AT%3D1619954322%3AS%3DALNI_Mb6lyorKR2ZuAIXmpHb1A903S497A&cdm=www.philstar.com&bc=31&abxe=1&lmt=1619954328&dt=1619954328642&dlt=1619954327623&idt=983&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=628&adys=1421&adks=2236405036&ucis=7ygo6xnhafea&ifi=1&ifk=680050134&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&top=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x1&ga_vid=1587541962.1619954329&ga_sid=1619954329&ga_hid=1437231612&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4084
x-xss-protection: 0
google-lineitem-id: 5625792361
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340351946
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.philstar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bdf9d2fa9a03277f369eabf1dbe621f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F53 0
0 34ms
17ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bdf9d2fa9a03277f369eabf1dbe621f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F53 0
0 9ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 4FBF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9950591b93d3399f75928ded2b817aaa3e9680041a672699fd611ac6058b6fcf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1000 B 12ms
7ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210502

Requested by

Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/scripts/prebid/bluebillywig_pbjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b27050349267addb4321d5cc3f308f8ff112c47a67724082fd20abbadc101b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29857
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 931
etag: W/"676-7MS5knvmcu11GqT5cxo8yprUYvQ"
x-served-by: cache-fra19177-FRA
date: Sun, 02 May 2021 11:18:48 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8918 0
0 64ms
63ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst18T0ek681_wlyukTmFnAej0o9K8xJCo-ecUmL3Sa-b1usz0PKGoMsI_EfHw18Q5L3g_YF5sSdGnuUcEpWcTHKy3S3DGujhtwPjLgwl8JD1h9aEmjEsJSNzKoSSld8rrmWAGqOsRL23TcV-2Lur2h6zw-QnBguRU5eSOHgzOymzE_TtKqthJoIKm8xxm-0B0y_GU4tGCoxOFxCo7-MlmBOT29LrkY5HUry0OxvrHimt2JfxQ_H1GXgchtiE2gATQseXcXDtg93xgRp_WACCSdiREyScPfcMGhpFuOJm3SKnTQzDHbPxACdO7_-2bMtsQ4gMi_-&sai=AMfl-YR6tb3XzjpdDD-rXezXtIUfURtapCr07bof9uTlDgR_M_MCNTu8PVavTiCvFe_m8NIeA_PtphNiNzs5pJdwEBnn2fpUE1yAUi5en1iajb7XzaQGMK9wAbHurJlosB2Y&sig=Cg0ArKJSzKFFQSdy9ZzuEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 May 2021 11:18:48 GMT

POST
H/1.1 201
Created messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
311 B 113ms
104ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: www.philstar.com
URL: https://www.philstar.com/js/jquery-1.10.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=BxPDyliwrZplk6oPa%2BJ%2BRzPI4f5QCBpjnK61daOlwEY%3D&se=1619955977&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: DFPLoaded
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "73376741"

Response headers

Access-Control-Allow-Origin: https://www.philstar.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 02 May 2021 11:18:49 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 654ms
98ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.philstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.philstar.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 02 May 2021 11:18:49 GMT

GET
H2 200 ima3.js
s0.2mdn.net/instream/html5/ 334 KB
115 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/html5/ima3.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117045
x-xss-protection: 0
expires: Sun, 02 May 2021 11:18:49 GMT

GET
H2 200 admanager.js
cdn.bluebillywig.com/apps/player/20210428.082554/components/ 44 B
480 B 8ms
8ms Script
application/javascript 2600:9000:214f:6000:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/apps/player/20210428.082554/components/admanager.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:00:29 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
age: 1102
x-cache: Hit from cloudfront
content-length: 44
last-modified: Wed, 28 Apr 2021 08:26:28 GMT
server: AmazonS3
etag: "3e5a0ee4658a47e9066d1c307c5ee323"
access-control-allow-methods: PUT, GET, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: public,max-age=1209600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: sdLhyPmdrR4bXbDl5Ks7Q0QLmd_mL01YEfGJzZ9wsxA1ctVsKhJmbQ==

GET
H2 200 ubuntu.css
cdn.bluebillywig.com/fonts/ 555 B
956 B 15ms
7ms Stylesheet
text/css 2600:9000:214f:6000:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/fonts/ubuntu.css
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:12:30 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
last-modified: Wed, 09 Oct 2019 08:50:40 GMT
server: AmazonS3
age: 950
etag: "2a6307abebf25c55ddb0722a4b7ef277"
access-control-allow-methods: PUT, GET, POST
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: ETag
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 555
x-amz-cf-id: N9RcEKeIL5sRIr-fifINKOpoyknVvPnlDO8EBGp-HQ6VFC0fVIVXYw==

GET
H2 200 i
sps.springserve.com/ 43 B
403 B 338ms
99ms Image
image/gif 3.210.126.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sps.springserve.com/i?clid=spm&paid=sps&dvid=v&avid=Adsparc_Player&plid={{DEMAND_TAG_ID}}&caid=Philstar_AdSparc&kv1={{SIZE}}&kv2=philstar.com&publisherId=Philstar_AdSparc&kv4={{IP}}&siteId={{SUPPLY_TAG_ID}}&priceBid={{BID_PRICE}}&kv3={{UUID}}&kv9={{DURATION}}&kv11={{CACHEBUSTER}}&kv13={{CONTENT_ID}}&kv15={{COUNTRY}}&kv16={{LAT}}&kv17={{LON}}&kv18={{APP_BUNDLE}}&kv19={{DEVICE_ID}}&kv25={{APP_NAME}}&kv27={{USER_AGENT}}&kv28={{DEVICE_MODEL}}_{{DEVICE_MAKE}}&kv29=[ERRORCODE]&kv30=[CONTENTPLAYHEAD]_[ADPLAYHEAD]&kv33=[ASSETURI]&kv34=[VASTVERSIONS]&kv35=[ifa_type]&kv36=[IFA]&kv37=[CLIENTUA]&kv38=[SERVERUA]&kv39=[DEVICEUA]&kv40=[DEVICEIP]&kv41=[LATLONG]&kv42=[DOMAIN]&kv43=[PAGEURL]&kv44=[PLAYERSTATE]&kv45=[PLAYERSIZE]&kv46=[REGULATIONS]&kv47=[ADTYPE]&kv48=[TRANSACTIONID]&kv49=[BREAKPOSITION]&kv50=[APPNAME]&kv51=[PLACEMENTTYPE]&kv54=[LAT]&kv24=Desktop_Video
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.126.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 11:18:49 GMT
cache-control: no-cache
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 351.jpg
adsparc.bbvms.com/mediaclip/4190418/pthumbnail/624/ 20 KB
21 KB 136ms
136ms Image
image/jpeg 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsparc.bbvms.com/mediaclip/4190418/pthumbnail/624/351.jpg
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:49 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-ovp-host: vms-prod-frontend-spot-10-1-17-121
pragma: Pragma
accept-ranges: bytes
last-modified: Sun, 02 May 2021 09:39:11 GMT
server: Apache
etag: "ab1a44b174972e69eeb7b737a14c89fc"
content-type: jpg
access-control-allow-origin: *
cache-control: max-age=300, must-revalidate
content-length: 20791
x-amz-cf-id: 0fW-v6Qem2ylzZ5xMjzbQ37oKunStVjWXayP-aZr05GKJ6K_-Kfn3w==
expires: Sun, 02 May 2021 11:23:49GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ Frame 4FBF 223 KB
82 KB 36ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1066013786354051&plah=www.philstar.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 May 2021 11:18:49 GMT

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame 6270 0
0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7727 0
0 78ms
76ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBJ2iGqLtjnCtUoDI2IVnVTcSB5TEu5Lkee9kuVl23KXMenur7KbCEbdXt4tix_ToPjgCK7XnPdLLiJq-SbhWDxDhosGK_8u5WM9412lf92ejcNG0fGgSrRFqhWL8KmWe-8jCHEfezZbgqTUM4pyGU5DcsqHSM_rcfnfwIVRBOKJq-48o01LMi2hMDCnBPx8vYvoTfcQH71LZwD-ivlvv8qgrlTSRPjXKhjD6c92NLuPFIkSZVAPQ-epqAlNw9z-B9v7CL9SjFkpYWzPUis7n8GHNdJHwnzhcrQPBZe636pf8J_9a2vu0Zrg54roA0hxLVhYIea9Q&sig=Cg0ArKJSzO_UhrIL3TpdEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 11:18:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET Philstar.com_Desktop_floating_DFP_Rev70_1906_18.Js
play.vidcrunch.com/5b59760c073ef46a2e6b8f13/5d0a1c9e28a061420a0bc3c5/ Frame 7727 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7727 0
0

GET osd.js
www.googletagservices.com/activeview/js/current/ Frame F441 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame F43A 0
0

GET Philstar.com_Desktop_floating_DFP_Rev70_1906_18.Js
play.vidcrunch.com/5b59760c073ef46a2e6b8f13/5d0a1c9e28a061420a0bc3c5/ Frame F43A 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F43A 0
0

GET osd.js
www.googletagservices.com/activeview/js/current/ Frame 3F53 0
0

GET
H2 200 bwcheck.jpg
adsparc.bbvms.com/player/common/ 31 KB
31 KB 23ms
19ms Image
image/jpeg 65.9.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsparc.bbvms.com/player/common/bwcheck.jpg?1619954330360
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 19:30:48 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 11:00:18 GMT
server: Apache
age: 56882
etag: "7a4d-5c0513c2cb480"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 31309
x-amz-cf-id: J1zpemBjJGMzOeoGq8Gac4DZkikYqLtUlojNUWVIlPPkDHfZh5oeIw==

GET
H2 200 ubuntu.woff2
cdn.bluebillywig.com/fonts/ 33 KB
34 KB 39ms
11ms Font
font/woff2 2600:9000:214f:6000:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/fonts/ubuntu.woff2
Requested by: Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/fonts/ubuntu.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://www.philstar.com
Referer: https://cdn.bluebillywig.com/fonts/ubuntu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 11:03:53 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
last-modified: Wed, 09 Oct 2019 09:28:18 GMT
server: AmazonS3
age: 973
etag: "5b23eeb3a32b30e91682d601535d2a89"
access-control-allow-methods: PUT, GET, POST
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 34260
x-amz-cf-id: EonXQsav723vXndDW4F8hFF-xqjYCSw3DTc30cXumRiXJ_WLVE2sPg==

POST events
analytics.leya.tech/ Frame D5FF 0
0

GET cookie.js
partner.googleadservices.com/gampad/ Frame 4FBF 0
0

GET integrator.js
adservice.google.de/adsid/ Frame 4FBF 0
0

GET integrator.js
adservice.google.com/adsid/ Frame 4FBF 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 7BC9 0
0

GET osd.js
www.googletagservices.com/activeview/js/current/ Frame 4FBF 0
0

GET
H/1.1 206
Partial Content 5ef8b6039749b260072caa41.mp4
cdn.vidcrunch.com/ Frame EA81 64 KB
0 15ms
15ms Media
video/mp4 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5ef8b6039749b260072caa41.mp4?channelId=5d9708a028a061666e462fd1
Requested by: Host: www.philstar.com
URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

Date: Sun, 02 May 2021 11:18:51 GMT
Last-Modified: Thu, 28 Jan 2021 11:05:25 GMT
Server: AmazonS3
x-amz-request-id: BED9BC35C0C4750C
ETag: "44c9ca40dab937ab6c748b4af3778ebd"
X-HW: 1619954329.dop003.am5.shc,1619954329.dop003.am5.t,1619954331.cds206.am5.c
Content-Type: video/mp4
Content-Range: bytes 65536-2722508/2722509
Cache-Control: max-age=23413717
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 2656973
x-amz-id-2: BKh0WTuO8M/KS336GMgmNJ/BtSzzefh1XXf3cQFtHn9ShJUkDTj5ZUkd7/PIOJzOHGz4sXaGk18=

OPTIONS events
analytics.leya.tech/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: l.sharethis.mgr.consensu.org
URL: https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fl.sharethis.com%2Fpview%3Fcms%3Dsop%26description%3DThe%2BOffice%2Bof%2Bthe%2BSolicitor%2BGeneral%2Bis%2Blooking%2Binto%2Ba%2Breported%2Bdata%2Bbreach%2Bthat%2Ballegedly%2Bexposed%2B345%252C000%2Bof%2Bits%2Bfiles.%26event%3Dpview%26fcmp%3Dfalse%26fcmpv2%3Dfalse%26has_segmentio%3Dfalse%26hostname%3Dwww.philstar.com%26lang%3Den%26location%3D%252Fheadlines%252F2021%252F05%252F02%252F2095356%252Fdoj-solgens-office-looking-reported-data-breach%26product%3Dinline-share-buttons%26publisher%3D5e1420cc68a9ad001281e737%26rd%3D0%26sop%3Dtrue%26source%3Dsharethis.js%26title%3DDOJ%253A%2BSolgen%2527s%2Boffice%2Blooking%2Binto%2Breported%2Bdata%2Bbreach%2B%257C%2BPhilstar.com%26url%3Dhttps%253A%252F%252Fwww.philstar.com%252Fheadlines%252F2021%252F05%252F02%252F2095356%252Fdoj-solgens-office-looking-reported-data-breach%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk%26version%3Dst_sop.js

Domain: adsparc-d.openx.net
URL: https://adsparc-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=adfa9249-bb2c-4b24-8195-a821efa7f180%2Cadfa9249-bb2c-4b24-8195-a821efa7f180&nocache=1619954327454&pubcid=2ace9297-dfdc-46cd-9dd6-5e1e542e952f&schain=1.0%2C1!streamamp.com%2C%2C1%2C%2C%2C&aus=728x90%2C970x90%7C728x90%2C970x90&divIds=foot-ads%2Cfoot-ads&auid=544011994%2C544011995

Domain: go1.aniview.com
URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&AV_PUBLISHERID=5d0a162d28a06106f038a1c1&AV_CHANNELID=5d9708a028a061666e462fd1&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.philstar.com&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=327117&AV_WIDTH=336&AV_HEIGHT=280&AV_DNT=0&cb=1619954327479

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Domain: play.vidcrunch.com
URL: https://play.vidcrunch.com/5b59760c073ef46a2e6b8f13/5d0a1c9e28a061420a0bc3c5/Philstar.com_Desktop_floating_DFP_Rev70_1906_18.Js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzemPB8LP4ghz1ThBfZFtatApK0ehXGomcfb4RfbLvPxGZeIIVzIvJ-dN1PiYK-sCLlvb_Q6CDXbWfK7qYrtXlZV6xg3qnR1ffXjOsfYidIIDsmYpEWi5_vazlGVBeMlWgziDZ55KojwwxFVV7Ip6TF3KlehhchKTAe_vihDPs5VGH8yZvTPWEKIHJZmSYO6b7ut7Z3ekD_EcTzBYEbtQ6Qs85kMi3Oiizg3LZt-6MNtqLOeVEbw6x-fbuhDmjZm6nSYsyHGpNN0LS7RbzwJPBKFdFb1YZNkzJ5msudaaI5EELPMzCXegZ1WXkGLtBEsXBvsJOR_A&sig=Cg0ArKJSzE72kR1f7GbREAE&urlfix=1&adurl=

Domain: play.vidcrunch.com
URL: https://play.vidcrunch.com/5b59760c073ef46a2e6b8f13/5d0a1c9e28a061420a0bc3c5/Philstar.com_Desktop_floating_DFP_Rev70_1906_18.Js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Domain: analytics.leya.tech
URL: https://analytics.leya.tech/events

Domain: partner.googleadservices.com
URL: https://partner.googleadservices.com/gampad/cookie.js?domain=www.philstar.com&callback=_gfp_s_&client=ca-pub-1066013786354051&cookie=ID%3D192432892bf58148%3AT%3D1619954322%3AS%3DALNI_Mb6lyorKR2ZuAIXmpHb1A903S497A

Domain: adservice.google.de
URL: https://adservice.google.de/adsid/integrator.js?domain=www.philstar.com

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=www.philstar.com

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066013786354051&output=html&h=100&slotname=1356953082&adk=2886824444&adf=3171382013&pi=t.ma~as.1356953082&w=320&psa=0&format=320x100&url=https%3A%2F%2Fwww.philstar.com%2Fheadlines%2F2021%2F05%2F02%2F2095356%2Fdoj-solgens-office-looking-reported-data-breach%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619954329890&bpp=79&bdt=1807&idt=1107&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D192432892bf58148%3AT%3D1619954322%3AS%3DALNI_Mb6lyorKR2ZuAIXmpHb1A903S497A&correlator=5450944782288&frm=23&ife=4&pv=2&ga_vid=1474717677.1619954331&ga_sid=1619954331&ga_hid=714256879&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=1200&biw=1600&bih=1200&isw=320&ish=100&ifk=3817122160&scr_x=0&scr_y=0&eid=44739537&oid=3&pvsid=454035454307894&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.22ffrttb4h5k&fsb=1&dtd=1201

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Domain: analytics.leya.tech
URL: https://analytics.leya.tech/events

Verdicts & Comments Add Verdict or Comment

306 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VVxHVd7tj0GZW2y9nkp8ksYxZW8XrjSc4r4MC8MhPPSr2-HwrV1-WJV7CgQrxW6R1FRm8KLPtZW5xZC4s5S2X6FVGx85n30skMKW5Lkd3s5g62MfW6N0TyR5v7VM6W97T-fp2S1d6YW8qHFW46j-cKrW97pXqW812fjgW1NJ8SD37vbM1W5Ns28j2VZ_1SV6DnhS2mrLZJVKZdS97ZN8j9W4j2hgg5Jt9LSN7xkxPV6lN5wW5T36Lf4Q_KwyW7nlwSr5P51SfW7kZs6w6FSqpmW4GQ3Q32J9Y7kW7h591n3NpQ3_W2BtfV53KCJLRW26MGHm4cZ_djW53QhNw8rl4V-W2Fnhq815Gg8bN3vMsDQNjFyjW1fPD9p8jq_QCN1496wq_0P2t369N1(Line 13) Message: toS
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 1844) Message: SignedID:0
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 1845) Message: email:
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 1846) Message: given_name:
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 1847) Message: family_name:
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 1848) Message: picture:
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 2378) Message: no found ads here
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 1967) Message: session: 0
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 1968) Message: tracking: 1, 10.10.10.4
console-api	log	URL: https://cdn.vuukle.com/platform.js(Line 2) Message: %c[VUUKLE] platform.js version: 3.12.4. Need help? Reach us at support[at]vuukle[dot]com color:#039BE5;
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 2419) Message: update views: done
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 259) Message: statusChangeCallback
console-api	log	URL: https://www.philstar.com/headlines/2021/05/02/2095356/doj-solgens-office-looking-reported-data-breach?_hsmi=88974744&_hsenc=p2ANqtz--bCMbdotrFF7_gJMtYSrDofbwzwHxNm-znXXi23IcjDnu2ixSCo-gJNO77wwSbjCDvlRJxBdLrHZnYXnWUm2alixDEa9wim9xPZJJSVLq1ZBLjBdk(Line 260) Message: [object Object]
console-api	log	URL: https://cdn.vuukle.com/widgets/comments.modern.js(Line 1) Message: %c[VUUKLE] Comments widget initialized! Version: 3.20.0. Need help? Reach us at support[at]vuukle[dot]com color:#039BE5;
console-api	info	URL: https://cdn.bidder.dev/clients/98948493/philstar_com_footad/sa-script.js(Line 6) Message: ⬡ Leya: Scheduled flush
console-api	info	URL: https://cdn.bidder.dev/clients/98948493/philstar_com_footad/sa-script.js(Line 6) Message: ⬡ Leya: Session Open
console-api	warning	URL: https://cdn.bluebillywig.com/scripts/prebid/bluebillywig_pbjs.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://cdn.vuukle.com/widgets/trafficexchange.js(Line 1) Message: %c[VUUKLE] Traffic Exchange widget initialized! Version: 1.0.10. Looking for support tell our team at support@vuukle.com color:#039BE5;
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://cdn.bluebillywig.com/scripts/prebid/bluebillywig_pbjs.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c737d6f5a7d38bc7f689be660bd9ec1.safeframe.googlesyndication.com
44e81175b4c73a1e0ed4a1744e218e4e.safeframe.googlesyndication.com
60a6ae725fca.bitsngo.net
a.teads.tv
accounts.google.com
adgebra.co.in
adservice.google.com
adservice.google.de
adservice.google.nl
adsparc-d.openx.net
adsparc.bbvms.com
adsuite.adsparc.net
adx.adform.net
analytics.leya.tech
api.vuukle.com
apis.google.com
ba1ac50216168ee8aefb4809e381c37f.safeframe.googlesyndication.com
bdf9d2fa9a03277f369eabf1dbe621f4.safeframe.googlesyndication.com
buttons-config.sharethis.com
c.go-mpulse.net
c.sharethis.mgr.consensu.org
cdn.ampproject.org
cdn.bidder.dev
cdn.bluebillywig.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.vidcrunch.com
cdn.vuukle.com
cdnjs.cloudflare.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
go1.aniview.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
image.vuukle.com
images.outbrainimg.com
info.silobreaker.com
l.sharethis.mgr.consensu.org
log.outbrainimg.com
maxcdn.bootstrapcdn.com
mcdp-chidc2.outbrain.com
media.philstar.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
play.vidcrunch.com
player.aniview.com
prg.smartadserver.com
prod-sb-appanalytics-us1.servicebus.windows.net
publish.vuukle.com
rec.smartlook.com
s.go-mpulse.net
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
sps.springserve.com
ssl.gstatic.com
static.amp.services
stats.g.doubleclick.net
t.teads.tv
tcheck.outbrainimg.com
tpc.googlesyndication.com
track1.aniview.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.philstar.com
zdwidget3-bs.sphereup.com
adservice.google.com
adservice.google.de
adsparc-d.openx.net
analytics.leya.tech
go1.aniview.com
googleads.g.doubleclick.net
l.sharethis.mgr.consensu.org
partner.googleadservices.com
play.vidcrunch.com
securepubads.g.doubleclick.net
www.googletagservices.com
104.126.37.49
104.40.187.26
13.224.106.54
142.250.185.98
151.101.13.194
151.101.14.132
184.30.21.51
184.95.61.50
185.59.220.199
185.64.189.112
185.86.138.121
199.60.103.254
2.18.232.28
2.18.232.7
2.18.234.190
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:20c8:a000:1c:8a07:5e80:93a1
2600:9000:20c8:ca00:1d:85c3:6640:93a1
2600:9000:2104:8600:c:a9b7:ddc0:93a1
2600:9000:2104:d200:c:abe:f440:93a1
2600:9000:214f:6000:1d:47ad:2280:93a1
2606:2800:233:9de:380:d6:22cb:12e3
2606:4700:10::6816:3da8
2606:4700:10::ac43:1695
2606:4700:20::ac43:46e9
2606:4700:3030::6815:2045
2606:4700::6810:135e
2606:4700::6812:bcf
2606:4700::6812:c6b
2606:4700::6812:d941
2a00:1450:4001:800::2003
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2006
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200d
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c02::9a
2a00:1450:400d:804::2001
2a02:26f0:6c00:191::26e5
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:bb90
2a02:6ea0:c700::4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f050:f:face:b00c:0:3
2a03:2880:f150:82:face:b00c:0:25de
2a04:4e42:3::621
3.127.73.204
3.208.237.232
3.210.126.214
34.96.69.62
37.157.6.252
37.252.173.22
40.79.44.59
54.89.48.101
64.74.236.63
65.9.84.38
69.16.175.42
70.42.32.31
006808e7561e56e9b6640ee5adc19db30016c993f95414a8e8045b33a244a64e
011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b
01d44eadb4c56f1c1d1735bef712acc0a9991308186521788532a051cae31ab8
01f03c5798afa7efec44af882dba64daecf39ec89d83fcd76e740d4e062ad3bf
024c54187484393cc7ef56c4ee65856bbf332554cd2f9414be8d6c44b259e3e8
04270931118898ee0c5a4c5dd3a5e2c5a383b45d6a41f385998fd62021403451
06eb4d961e89f31ab44df87c04330550d19d6043ed8e3ea8af1fc7d083862fea
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b7acf58e1ae4bb91b999bcee522af8a1d3dd58d4b5c9d40d62296dbef7ccd8f
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0d295cbe94c0eae1608d31cffcfb60da6a4d4dfde42f1f71b251f7cc265c5055
0f7c1f881dbc7ea2ca8e3259f7fb3b30bf33b2bbed61c3edcf79c60020e53273
102fc03119b10efa5dc9050ad93bcfd89fb528d8c81457fc3ca2d21bb71ce24f
107c7d3fb19c3c6f6b1b61b8466cb867b5d3b6010213a4cb8fda2a23034ab544
109667bae925ceacad5b2df510649093d44cffea37c2568002c7b7c4a6848a47
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014
164e58d92ad3bce30a426090d0e62461519b7966b683882cefaf6c09055bdba9
176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81
177db5b813032e959e473481e7f39c2c98acb9ea6f0612d75180bfd0a58dae53
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1fed12443af85bad1688918cf55e0acd5205d90f1f47acdc4687958d6c7e0d2c
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
2177facbb4a68594d9eefff6fb10f48f03f19fb90dcc1e2f69edf90889f4b109
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
21ea39dd7c25c2f3ee69f870533bd3a26ad860dc10118b16f0b20f585712c020
231cd86d1cf917a85fbfc28b15641400cacb665cf96fc1961d6ea53c1b405c7e
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
24e095e971bffc79594d510eedcb227b939163b57d74ee9ac0e35a667c9c8b8a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
2899158e8826d5f52a86156f4f35481ef3d32a3f2e5c504472d7f56aff65dc10
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2c50dbf44e2e4f5ab55fc065d56caac9e82e06682fbff7409b9b13c63ef7d606
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d1a6350a8f7999c8bd20941fe027ff76402ae6087c1123c7e39d0ad7fe581b5
2d35ade336ada76584f91f0d2ef91cd3ad6c2189d30af21ce1c1681bc638b44e
2d65f6f55c2c499218627e41eba6e81e5cb3d92c5aa0e5e348dae473ff695deb
2e91dec2ff14351b0d8bdebc878cab1e8b1763a9b967974bf87cbc9a2267055c
2fc3092c551df3236769b4a8b0a98769a776a66b573e28b4607731ba0c0f5ee6
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
30ac246c79f2c87f50d3fd478cd07006dbcc02e61f0649294c525ee0d69155b3
31f83a7c8d2dbb9c5c6554625637bc6480076da9eae101084e84eb9f4de3debb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34bcaf7c0514ae4b7a37c2bcd201d707b82488434dce6962802bc6e671710184
34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0
34f9d8e9a7abfc721c8fb578050e8604266feebdb3b61a1d5823db85428ae798
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36eb5acb67675e800747c6bcda0ce0f49664d91f339f51be54a3f34ac5035c55
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
398bfa09e1e3133cc13bbb6027523913a534eed72f65d10d9cf38c9baa355075
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a04df71ae9d81d1bf3f4afb419a4a080cd4f45ac0bdb6a5ba5c8feb34197cb1
3a49e28711888e7c418630d3f8cff5ac92cb81d2343825bab8ebcfb1a4a071d2
3b22369cae5a85eb7cc8256622e6b2e5cad13c50549b7dd802d1e485ab6eb167
3b76f777e5dfd5ac951576a64ce912afeb823e74d6c45b13a0afaf8e131a2f4e
3c0bce2f4ff5da53b1e66e336f9bbd5748bdbfcc669d3b262d1aebccc73b1ecd
3ce167bbfdbff6682427d05d3c416f51e5087fe4a439902f8cb7d6ad35f1e21d
3d02c77325c7736fddb623d6729520978ef5b7fbf2d20c2b0a3cbdc2a397f56b
3d84266328f1d7697858c57b90580a31d14880698ee486e37b3293daafd1bfe5
3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8
3e454baa9db613ae0e90d52790476a1775d693c347ae72632930ead3d5eac567
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eca2f7a428c7d60d1649538e4552740ce043df021e618b32943481689a8cfaa
3f0bfcc9432f4e2490541585e32720e520b3b84b2bff0cbd2e30ab1a83d13f02
3f9e0747d414537dcba0dede156daed5fd0a898b16a7f2d7e2ad3ae008514c24
41127b21dacb1a82ea917908bea924f66a2ae1da8620b1b375da94ff2a5b5848
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d
44fa7ef50d1ae2feeeead6b13dfd2a15b9c479b392fb0f1514a15d9a39d95680
45e14e8bfa6b001c49d566897f6f7f4b2269740fc959fdccbd0ee4a4d6f2b6af
46202ea7f0c1c84d97ee305aa96bce96bfeb7e3a2a286ff714e4c774fc98323b
4878a0cdab26b1122b66f984ffe94634e125c1840b41713c663710de2507709c
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49ee1956f2cf8a744629882d3ad464b927c70a97383e4fe09deaeb3b8cc3aab7
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e8d62dee31922c08c5d935130b39116bcd161e5d1da18c34e04252a67913c4a
4e8f73a3f8ef501451c378907d4817b002845b355e8d666d6c4e73d067339671
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa
4fd7cb3a575d35bf5192fce123f8936011a270848b3ecab277d441ff8f66c316
50b09ad439ff485aba8b9d97edfa65dbbd75adfdb69912aca7337c824a78bf96
52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b
53ddfd5cf1030496c969ff1ae2403f395effaf0bd05c9c46135dca6725408523
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
542bff3179d45d1dc3c09df95b9d57e7777c3bd2ac2d9b46387fcd8a30d60d38
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
55df090dcb693f9306078ca11fc84514a5f487fedfd8534dfa0f7121b36f5190
57633c7d26f5a8ff45750245d8c7a21a6031e9b98b97d33cc59c88a1ef3b425d
5792732e083a2e70504c0cdc313b4ff277e1a1ea5a7f7e57bf6e0e55135ca0ff
582b376227b1bd7dc7afd939df860262610afaad0749abab2ca34038f185bf45
59117bc67cd3b680bdd88f26509d943ff9aba9204874d2b228a8f1c18d094784
5c45cb6b32d493725c1165e6e82f714fc3a6eca6b492e939c34ecc7410a9ec4e
5df8cc499cebf3b8613c5dc408457fad0da80753b18936bdb3174b6bffe0b67b
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
623edc55aa74b16fe97b9124285f97b1a975661d82d42b5c7b8e77365b54ec01
6428652822593a327bf682d70ef1630f14387208987ed024e7a0edfd22e4ada5
6598e71167cec2f5afb33005aca2185944a3a9def8be956dac43bf65b56b40ef
6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6
6b8265b5511d8b5505f4855257a67348676f542422026245e83e5cca67f291b4
6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6eb572bc6895eb21783b802485b91b4f98ea649b18905a22e38f8524240a99e5
70798be1e72609824ee48e05422f8eeb09a2e395dc44556c5179281ef5491e36
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73298c8f5a6114815ba00b891f7f36b6030d6817c12c7c160c039b277ea725b6
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
778505dcf5d8581d6b1f97f29b9e9687d8cbafd4e6be9d1b10cca324196a4a07
778b2f41cbafa94cbeefe4ca0ed657d018f268db474e9d78a6f8813f2d04df31
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7adb4550aebd815ad2191c2d641a1786ef17b0df38b0d0504b568859751d43c0
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe8476e8ed0a702924f9f9261bab5717dafd188ef8268789afb2d8ec6b734ac
802623eab5c9680f74e2fd71b8e79d6b28ba24a5b48c6f00fd556bb82b147eea
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
807edcbf2a090806add3c0df7d5bbfec44b1c6ede1f8d0c307cd8cb91ab56291
823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226
824a3bd54a03a9669afa5770f5d59576891eb96946ee26b339d951043ec46994
826e001a9244a754841be1c3c02b9f148a9a30858e3c6943973b39d1f4207843
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8392718463558d3409df1ba47a9a37fa8fe45b437ca1a06f4bdc3d99a77c4bc4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860d00ed57fe71642e91d1159d67222142a25e9f64209fb47e36559e67c61ac2
87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e
88e69708d67f5eb17d71a92f6ef0f56e96bd2e29b3040cc2db5902c3199d6c31
891ebcbf3e4aa5e19f4a33807e1c387a0e8b64903f65ad6bbbe9ffcb5d5d4c54
8c3e99e02cad2cd57a9aab555e21ba1390e5a1f4deba308ac8a08da7b7a10f7d
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8de9b1513491545a3d4cde8339df6327b90ce90f75c887545b36ce7d31bedf2f
8e6dc8944ee7cb345da2d44ebe60eceb0b1df7a17b4907763cd746703bb0a692
8f17085748c627266cc71f5acb362c2560337d899f835d7d20452ebe237c93b4
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
9099f402f4c22e223c27850dbe7f15741fc94de10b13e71a949935b35054ed81
9159e43e890a4ef44c1936b55f781bb043d0beaac3261dc526f0fc18358cacf9
91eb25d110ad22db6ce668fbb41e4f8b6048d02e8c9936382c72efd3c3311f8f
92e46adbdbbef1bf8f76b7a55f91fc524e785c2b425c3f7f688587f93c607e1d
937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f
938b7a54d31bdd7eabc658b883fdff30caffbec4b3525d42e2272db3ed802d3a
93ff09865a992aa8911c7bf6ff55aa4bb41da68c52924b2b689f6f6ee251f2a8
940e9209cde776376f723f39648f9f49bba212b19b587fc5f1a17190b0695c41
985dc002fdee7369ccf9bb303fc13fe4a26bdafa9a27d3489c033eaee9b517e4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9950591b93d3399f75928ded2b817aaa3e9680041a672699fd611ac6058b6fcf
9b796cf6fbdc223d236f957ff02edc3f3e1551c010878d6c3ce35b314577b75a
9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227
9dc90a3635fbad206033aece40586372df3885b9288665c3bce9dcae328a9c1f
9f397390b25fe6c222d12e0fc16e0fdb45b56c1e50eb7bcdc170f4021b329bad
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c3ed04a95a3da14a9d235c83d868bed7c0f45cf7f3faa751ee8f50598d2211
a6b21a9a9a0ce3f4b6c59d5fbc2a6938dfda97f14eedb613d8c5eb05c60f2c06
a6d25f5b253516aa806d92678860f90d07282892204cb5d7d7769c97b0803d21
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
aa146c857e44f47f2a55d02494c4f766db5d906ef1fc403cd30c070c01a4d7b0
aa643aca8d5fa444b863a9ddb8ab5b4451637ee4cab23b668455e2ad4530b02a
aac4064e4ab99c5b90ac9bacf374212bf4e10ff1b43334652def715f2eada7ba
aafaad23772ac9f01a5a506c5ad336d0bfe513eff6083e843a118b75044859f9
ab1fc6ac3f1ed1254dc59c9e4097b8f418247ec84a59be1f8fd88cf60915b101
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
acb50104c4f8c09c8bbc9d36931eb6782745d067d18460a5fd4443bd70fca92e
ad024d33b1f500f3bc9c86f48760eef99532704de3474cf012b05f834f1d852f
ad36e95d9ec52d821de6e7d935301430625673e704a25a57e9244848103385af
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afae47011544db565deb96428c7a9bf3f7b783a75791382379d009371475a576
afc03049f6330fe18cce72ed5a385629fc334b03786465e98c4690bd1d544a9b
b1f797f01bafac3ef83b87c9614a40be2a78e3150e691b1ca157dccc5cf9c0d3
b27050349267addb4321d5cc3f308f8ff112c47a67724082fd20abbadc101b58
b35582db90b0fd9190b329a325bffe96ea1e0cd94d926b3e985defb6fd41ea5f
b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6165d6273910b8bc7c8f600c0b2b62eefb1b39e21c9982ebf9274e6e48e587e
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
b8572bff3fc6c5d160fa45f66ae04461f0c932a3fa3c2a39d5234aaf3924f3d7
b919eda1c544f287b76425e330bdea3c37af2ee1144108b2d584bd3f96af5b8d
b99e85c3d43883c595937ca860722d6dcbaa166658dbf1687bf5cdd60f1c55fe
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbcd47cf05b57738d274250a22482f850e472111608387b3eda2f7cc5e520067
bc3fe977eb6e99f863fa310f7bb75f39064581d3b21f324201404dbc67800de5
bccef62724140ac10f1bd9972154286998b0befbfe26112f2a7b780234fa4f29
bef1ba9be99379579241fd01dffc3927cc8151de55c1ac3d084ead11356cbb92
bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2
c0bf71e8784085e97670dcd2b61ba4e1a1ee30495be5259614823dda1181a6f5
c0ce424c7288360782df3ad9ec7095496b60fecab490974863b627d39aa04f8a
c1533bdcee401a95b88bb993db9eb843f5bfbf205e0c849216a7cf21a763713a
c2dee571d42dc4c09dc0478f253e1d9654411c77566df33e9e9ff0a5940033dc
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c347861d38ccafeceaadb49821802b7994c0807c93d9fa0eadee4e07d8da5b19
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dc238278b7bdf2ce071b5bacc67c4d2662066059d2101eeedd792a99cf101f
d5c6a2191fb3cab2e8d87f2cce6602741008e96166aa9083af2f919d44f66afd
d63c5da5d885fafa78591047230f77d2db177434b30fd3256a39db578ce22560
d997e8a19831cf7b197e451253f17bcb91b73a18dd340ac2444e8d2c03387dc3
dbb376892a60a74f25fe24215073b4d9a30921f482bdd8007b160f7fadece604
dbc1397125f8ae876f3b740d568ce55631c623131e0018581e96b06bfbf2117b
dc1e2c0fa1a126e57a570f594b2ce8c552a3ca5b250f5045478701dc7fffbb3d
de1d0e6831154c892bdcaa8ee9b684df41cec69a10640a740473000d49a0e7b1
df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e10d995b86740b68bc0e0acb039af95a923a2b3776eb35f3b4e98024e42c2b81
e2e79eaef827a5b999616cdf1ae3e9a6c946f8c8c566fea2a66c1d8b8b52a9cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66cb323ba822e8ba3b18981d3acf5395b581528bc15e62695d0aa060fb5bbba
e8816cb4a7171fe38b2b9361f50651ab03b167452fa0ed4080e575cf77ae930f
e9049d913dc2472c356da1b009158175829f49639001166d2ac7efc6666372c1
e9befeb197e5da15bd9c88d9ad8dee9522a42d90cc8755c0852d1675bd397825
ec0de40d49e1e7f738a67dadf6ed83fa09848704ecd0dedcdc6d7aaf72763bf2
ed07c28a741c546f720a924e069b0a26753db45b581287a49a75fd075723a034
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cc04095f6fb2b7e0dfac81b982c82be43fec209b73be42b99b8c7a314b9052
f4534fca22e53b1ec3346fbfec5df2adb2360ea9d9d299a6c4a4d077cb669850
f5071efb00dd6c32bf9836ddd9907e7d1c44b388f0f3e79ae44027aa435d152a
fb1349ef3e6413f29bcace687484420ee0679fa9c5eb58d2b9da64120cc67d66
fcf79f11ac06bf4a318d0e6e1304020fb4dded4801f8126217aa52747968ee4b
fdf0bbc36c3e367d31e61d8325ff1a69ca417b429cb48dc1d66d30ad1d831b49
fe00434ab732b75eb8b5f35f3ee171c96151a228fce0a80a1b475ab4ccf06ce4

www.philstar.com Open in urlscan Pro 184.95.61.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

375 Requests

95 %HTTPS

63 %IPv6

52 Domains

84 Subdomains

74 IPs

8 Countries

6374 kBTransfer

16315 kBSize

0 Cookies

52 Outgoing links

Page URL History

Redirected requests

375 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.philstar.com Open in urlscan Pro
184.95.61.50 Public Scan

Screenshot
Live screenshot

Full Image

375
Requests

95 %
HTTPS

63 %
IPv6

52
Domains

84
Subdomains

74
IPs

8
Countries

6374 kB
Transfer

16315 kB
Size

0
Cookies

375 HTTP transactions
13 data transactions