manilastandard.net Open in urlscan Pro
2606:4700:3035::6815:5efb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kas.pr/ug6n
Effective URL:
https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=soci...
Submission: On July 11 via api (July 11th 2023, 11:08:14 am UTC) from SG — Scanned from SG

Summary HTTP 269 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 51 IPs in 8 countries across 51 domains to perform 269 HTTP transactions. The main IP is 2606:4700:3035::6815:5efb, located in United States and belongs to CLOUDFLARENET, US. The main domain is manilastandard.net. The Cisco Umbrella rank of the primary domain is 373997.
TLS certificate: Issued by GTS CA 1P5 on May 22nd 2023. Valid for: 3 months.

This is the only time manilastandard.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.85.15.34 185.85.15.34	200107 (KL-EXT) (KL-EXT)
39	2606:4700:303... 2606:4700:3035::6815:5efb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2404:6800:400... 2404:6800:4003:c0f::5f	15169 (GOOGLE) (GOOGLE)
19	2404:6800:401... 2404:6800:4017:800::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c05::61	15169 (GOOGLE) (GOOGLE)
3	2406:2000:98:... 2406:2000:98:804::3000	38032 (YAHOO-HK2...) (YAHOO-HK2-AP internet content provider)
11	2404:6800:401... 2404:6800:4017:803::2003	15169 (GOOGLE) (GOOGLE)
4	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	2404:6800:401... 2404:6800:4017:805::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c00::9a	15169 (GOOGLE) (GOOGLE)
8	2404:6800:401... 2404:6800:4017:804::2003	15169 (GOOGLE) (GOOGLE)
14	2404:6800:401... 2404:6800:4017:802::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:401... 2404:6800:4017:804::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.192.150.110 54.192.150.110	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223b:fc00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:401... 2404:6800:4017:802::2001	15169 (GOOGLE) (GOOGLE)
1 3	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2404:6800:401... 2404:6800:4017:805::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.179.25.195 54.179.25.195	16509 (AMAZON-02) (AMAZON-02)
4	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
2	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
5	2404:6800:400... 2404:6800:4003:c0f::84	15169 (GOOGLE) (GOOGLE)
19	2404:6800:401... 2404:6800:4017:800::2001	15169 (GOOGLE) (GOOGLE)
3 4	2404:6800:401... 2404:6800:4017:803::2004	15169 (GOOGLE) (GOOGLE)
2 8	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6 6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	202.241.208.52 202.241.208.52	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	13.32.127.59 13.32.127.59	16509 (AMAZON-02) (AMAZON-02)
4 8	142.251.220.226 142.251.220.226	15169 (GOOGLE) (GOOGLE)
29	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
17	2600:9000:208... 2600:9000:2084:4000:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:401... 2404:6800:4017:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:401... 2404:6800:4017:805::200d	15169 (GOOGLE) (GOOGLE)
1 17	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.32.127.93 13.32.127.93	16509 (AMAZON-02) (AMAZON-02)
1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.247.143.248 34.247.143.248	16509 (AMAZON-02) (AMAZON-02)
1 3	18.136.175.78 18.136.175.78	16509 (AMAZON-02) (AMAZON-02)
3 3	2406:da18:929... 2406:da18:929:5a03:6501:163c:2f11:2df9	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 1	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
3 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	185.84.60.29 185.84.60.29	198622 (ADFORM) (ADFORM)
4	23.53.160.230 23.53.160.230	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 10	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.173.151.100 69.173.151.100	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1	207.65.33.82 207.65.33.82	() ()
1	23.106.127.39 23.106.127.39	() ()
1 1	182.161.73.146 182.161.73.146	() ()
1 2	35.71.178.8 35.71.178.8	() ()
269	51

1 185.85.15.34 (Germany) 1 redirects

ASN200107 (KL-EXT, CH)

kas.pr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:3035::6815:5efb (United States)

ASN13335 (CLOUDFLARENET, US)

manilastandard.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c0f::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4017:800::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2000:98:804::3000 (Taiwan)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)

ecp.yusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4017:803::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

thestandardph.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4017:805::200e (Australia)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::9a (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4017:804::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4017:802::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4017:804::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-110.sin2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223b:fc00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4017:802::2001 (Australia)

ASN15169 (GOOGLE, US)

ea4623aa1fbc00427a66df067b84b892.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4017:805::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.25.195 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-25-195.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c0f::84 (Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4017:800::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4017:803::2004 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.241.208.52 (Japan) 3 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.127.59 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-127-59.per50.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.220.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mnl08s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprsgmp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2084:4000:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4017:803::200e (Australia)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4017:805::200d (Australia)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 141.226.229.48 (Singapore) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sg-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.127.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-127-93.per50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.143.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-143-248.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.136.175.78 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-175-78.ap-southeast-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:da18:929:5a03:6501:163c:2f11:2df9 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.126.19 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.53.160.230 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-230.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.158.64 (Singapore) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, ) 1 redirects

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.82 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.39 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.178.8 (None, ) 1 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 918 trc.taboola.com — Cisco Umbrella Rank: 634 vidstat.taboola.com — Cisco Umbrella Rank: 2607 sg-trc-events.taboola.com — Cisco Umbrella Rank: 84661 images.taboola.com — Cisco Umbrella Rank: 1902 imprsgmp.taboola.com — Cisco Umbrella Rank: 81879 sg-vid-events.taboola.com — Cisco Umbrella Rank: 71231 sg-match.taboola.com — Cisco Umbrella Rank: 79782 sg-wf.taboola.com — Cisco Umbrella Rank: 77184 sync.taboola.com — Cisco Umbrella Rank: 1091 sync-t1.taboola.com vidstatb.taboola.com pips.taboola.com cds.taboola.com Failed	2 MB
39	manilastandard.net manilastandard.net — Cisco Umbrella Rank: 373997	548 KB
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 ea4623aa1fbc00427a66df067b84b892.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	468 KB
25	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	276 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	237 KB
17	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4757	355 KB
15	rubiconproject.com 7 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 616 token.rubiconproject.com — Cisco Umbrella Rank: 652 pixel-us-east.rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	29 KB
12	google.com 3 redirects analytics.google.com — Cisco Umbrella Rank: 235 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10 apis.google.com — Cisco Umbrella Rank: 195 accounts.google.com — Cisco Umbrella Rank: 67	52 KB
10	openx.net 3 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388 us-u.openx.net — Cisco Umbrella Rank: 496 jp-u.openx.net — Cisco Umbrella Rank: 9654 u.openx.net	2 KB
10	disqus.com thestandardph.disqus.com disqus.com — Cisco Umbrella Rank: 1287 tempest.services.disqus.com — Cisco Umbrella Rank: 16050 referrer.disqus.com — Cisco Umbrella Rank: 6882 glitter.services.disqus.com — Cisco Umbrella Rank: 11898	65 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	3 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	6 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 dis.criteo.com	8 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	2 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 524	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
3	narrative.io 1 redirects io.narrative.io — Cisco Umbrella Rank: 5233	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	socdm.com 3 redirects tg.socdm.com — Cisco Umbrella Rank: 1109	3 KB
3	yusercontent.com ecp.yusercontent.com — Cisco Umbrella Rank: 5061	403 KB
2	3lift.com 1 redirects eb2.3lift.com	740 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	89 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 19518	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
1	pubmatic.com simage2.pubmatic.com	245 B
1	smartadserver.com ssbsync.smartadserver.com Failed rtb-csync.smartadserver.com	697 B
1	linkedin.com px.ads.linkedin.com	517 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com — Cisco Umbrella Rank: 35633	300 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 926	98 B
1	rezync.com live.rezync.com — Cisco Umbrella Rank: 1580	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	609 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	897 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 11594	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	84 KB
1	kas.pr 1 redirects kas.pr	1 KB
0	opera.com Failed t.adx.opera.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	lijit.com Failed ce.lijit.com Failed
0	mediago.io Failed trace.mediago.io Failed
0	adscale.de Failed ih.adscale.de Failed
0	ad-m.asia Failed sync-dsp.ad-m.asia Failed
0	amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed s.amazon-adsystem.com Failed
269	51

	Domain	Requested by
39	manilastandard.net	manilastandard.net
19	tpc.googlesyndication.com	manilastandard.net googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
17	c.disquscdn.com	disqus.com c.disquscdn.com
14	pagead2.googlesyndication.com	manilastandard.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	images.taboola.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com manilastandard.net googleads.g.doubleclick.net
11	fonts.gstatic.com	fonts.googleapis.com
8	sync.taboola.com	1 redirects sg-match.taboola.com imprsgmp.taboola.com eus.rubiconproject.com
8	cdn.taboola.com	manilastandard.net cdn.taboola.com
8	cm.g.doubleclick.net	4 redirects google-bidout-d.openx.net eus.rubiconproject.com
7	www.gstatic.com	googleads.g.doubleclick.net accounts.google.com
6	match.adsrvr.org	6 redirects
6	fonts.googleapis.com	manilastandard.net securepubads.g.doubleclick.net googleads.g.doubleclick.net client
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	trc.taboola.com	cdn.taboola.com sg-match.taboola.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	manilastandard.net securepubads.g.doubleclick.net
4	eus.rubiconproject.com	imprsgmp.taboola.com eus.rubiconproject.com sg-match.taboola.com
4	sync-t1.taboola.com	imprsgmp.taboola.com sg-match.taboola.com
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	disqus.com	thestandardph.disqus.com c.disquscdn.com
3	pixel.tapad.com	2 redirects live.rezync.com
3	x.bidswitch.net	3 redirects
3	pr-bh.ybp.yahoo.com	3 redirects
3	io.narrative.io	1 redirects
3	accounts.google.com	apis.google.com manilastandard.net www.gstatic.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	tg.socdm.com	3 redirects
3	us-u.openx.net	1 redirects google-bidout-d.openx.net
3	referrer.disqus.com	manilastandard.net
3	gum.criteo.com	1 redirects static.criteo.net cdn.taboola.com
3	ecp.yusercontent.com	manilastandard.net
2	eb2.3lift.com	1 redirects
2	u.openx.net	1 redirects
2	c1.adform.net	2 redirects
2	sg-match.taboola.com	vidstat.taboola.com
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	oajs.openx.net	1 redirects manilastandard.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
1	pips.taboola.com	cdn.taboola.com
1	dis.criteo.com	1 redirects
1	rtb-csync.smartadserver.com
1	simage2.pubmatic.com
1	vidstatb.taboola.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	sg-wf.taboola.com	vidstat.taboola.com
1	sg-vid-events.taboola.com
1	imprsgmp.taboola.com	vidstat.taboola.com
1	obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	1 redirects
1	pippio.com	c.disquscdn.com
1	live.rezync.com	c.disquscdn.com live.rezync.com
1	sg-trc-events.taboola.com
1	glitter.services.disqus.com	c.disquscdn.com
1	www.facebook.com	c.disquscdn.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	tempest.services.disqus.com	thestandardph.disqus.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	mug.criteo.com	manilastandard.net
1	id5-sync.com	cdn.id5-sync.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ea4623aa1fbc00427a66df067b84b892.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	www.google.com.sg	manilastandard.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	thestandardph.disqus.com	manilastandard.net
1	www.googletagmanager.com	manilastandard.net
1	kas.pr	1 redirects
0	cds.taboola.com Failed	cdn.taboola.com
0	t.adx.opera.com Failed
0	sync.srv.stackadapt.com Failed
0	rtb.mfadsrvr.com Failed
0	bh.contextweb.com Failed
0	ce.lijit.com Failed
0	trace.mediago.io Failed
0	ssbsync.smartadserver.com Failed
0	ih.adscale.de Failed
0	sync-dsp.ad-m.asia Failed	sg-match.taboola.com
0	s.amazon-adsystem.com Failed	eus.rubiconproject.com
0	aax-eu.amazon-adsystem.com Failed	eus.rubiconproject.com
269	92

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
www.pinterest.com
www.nasdaq.com
www.techinasia.com
www.kaspersky.com
manilastandard.online
neitiviti.net

Subject Issuer	Validity	Valid
manilastandard.net GTS CA 1P5	`2023-05-22` - `2023-08-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.ec.yimg.com DigiCert SHA2 High Assurance Server CA	`2023-05-17` - `2023-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-04` - `2023-12-06`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-19` - `2023-07-18`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.rezync.com Amazon RSA 2048 M02	`2023-02-22` - `2023-12-23`	10 months	crt.sh
pippio.com GTS CA 1D4	`2023-05-15` - `2023-08-13`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Frame ID: 1EA068DE907AF4082B5F989E5C745B52
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html
Frame ID: 6CD14E59A95FCC20C5FEE27B85D346B6
Requests: 1 HTTP requests in this frame

Frame: https://ea4623aa1fbc00427a66df067b84b892.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B369C97D7E128054C429C0CEAB01A843
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=manilastandard.net
Frame ID: 8A615BC14EF648BAE4E989C5C09AF9A4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7821547671837563&output=html&adk=1812271804&adf=3025194257&lmt=1689070881&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073687842&bpp=3&bdt=424&idt=252&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=330882364212&frm=20&pv=2&ga_vid=12579241.1689073688&ga_sid=1689073688&ga_hid=561136314&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532278%2C42532280%2C31075757%2C44788441%2C44792013&oid=2&pvsid=3655052158917218&tmod=1241611836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=285
Frame ID: C3D148685C2A43FC6DCB578672DD7786
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
Frame ID: 158FD110429BA879317A57A08EC7AFDC
Requests: 37 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 5DE34F90E1DD1EE5C3D5B7FD7234B1F0
Requests: 14 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F8E915F6822819C73A30BE3C8EAC504B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Frame ID: C6F1F49C8BA02C041017047D71FEC8F3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Frame ID: D30D77C67CDA6C7A2E8816D0DA587300
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7FA4F08AE2EBE205CA75F0F2A15DF07F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C156D026583BD622578578A1DB75A911
Requests: 2 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Frame ID: 70B8F1B6AF185C0BC1899B8DE39319C0
Requests: 32 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 187FB7CD8779DA461A6E3AE480BBB291
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A601989805FEDAADC098EBA023F9DE59
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 938C3FADF51E35812AC17F2E65CDF4D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 70820FAFD8206B11029F34D243962CEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 0F4A786128F817456F5844C3DD42EC13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C034F8B729562AFAEFA92B1A148F31E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 18A4FE015A55BE432E0F6B5F37E9A98B
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 9A4078DC24112FE4F777F0C2057FC663
Requests: 4 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8cvin272rsqtdt&pctry=SG&referrer=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&cache_buster=0.858785502315
Frame ID: DC287FD2F8E0C2DC73141D2ED435E175
Requests: 4 HTTP requests in this frame

Frame: https://pippio.com/api/sync?pid=1391&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&it=1&iv=c8cvin272rsqtdt
Frame ID: 7DDA8D6EAD722D622253FB65E4D87700
Requests: 1 HTTP requests in this frame

Frame: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1689073691984&uv=3300&tms=1689073691984&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm&ru=https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c0f121ee-ce95-4d43-b598-10fe7a655dda&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: A626E777841163FF67F62FABAA1960D9
Requests: 3 HTTP requests in this frame

Frame: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2909951404E86185E99B1DBEC41EAC79
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: DF4CFFF43133560360D0A0E885CD1E39
Requests: 12 HTTP requests in this frame

Frame: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: AFC20F9CFA5F66F143E8EA6977A3D3A1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 916D29CFA7A8EF4C7151EEC69763A3B6
Requests: 2 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9
Frame ID: 47B46F419675D8BB1FDCEC0D36C5658F
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA
Frame ID: 44CC67659C0D31177C4D63723E74EFF8
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How crypto-phishers steal crypto wallets - Manila Standard

Page URL History Show full URLs

https://kas.pr/ug6n HTTP 301
https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=face... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

269
Requests

83 %
HTTPS

44 %
IPv6

51
Domains

92
Subdomains

51
IPs

8
Countries

4960 kB
Transfer

12740 kB
Size

48
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ManilaStandardPH/

Search URL Search Domain Scan URL

URL: https://twitter.com/MlaStandard

Search URL Search Domain Scan URL

URL: https://www.instagram.com/manilastandard/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCI3NcakVB4-2VSNrXJpkA-A

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20crypto-phishers%20steal%20crypto%20wallets&url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html&title=How%20crypto-phishers%20steal%20crypto%20wallets

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/bookmarklet/?pinFave=1&url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html&media=https://manilastandard.net/wp-content/uploads/2023/07/cryptosea2.jpg&description=How%20crypto-phishers%20steal%20crypto%20wallets

Search URL Search Domain Scan URL

URL: https://www.nasdaq.com/articles/southeast-asia-to-emerge-as-the-next-global-economic-powerhouse-through-mass-crypto
Title: more and more adopters, especially in Southeast Asia

Search URL Search Domain Scan URL

URL: https://www.techinasia.com/mapping-crypto-landscape-sea#:~:text=Southeast%20Asia%20makes%20up%2014,months%20of%20this%20year%20alone.
Title: 14%

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/blog/metamask-wallets-scam/43962/
Title: pillage your savings

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/internet-security?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kismd___
Title: reliable security solution

Search URL Search Domain Scan URL

URL: https://manilastandard.online/
Title: Manila Standard

Search URL Search Domain Scan URL

URL: https://neitiviti.net/
Title: Neitiviti Studios

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kas.pr/ug6n HTTP 301
https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://gum.criteo.com/sid/json?origin=publishertagids&domain=manilastandard.net&sn=ChromeSyncframe&so=0&topUrl=manilastandard.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ED-nl3xNNllCWXlkVUdkZTN0aUNvV0VlUUozNllEcUhoTWU2elBRanhRNG1mL040NU43WnBTUnlHMmV3YnFKMHlzWGcwV1AyUW9yZlFZajFSSjBpUDVIWVcrTE9iK3B5ZkhLd3RCOHhhc3I4ZEVlaXRSaVp4aXplT04rb1FFS3VxUjVpS1kyWmVVbjY5SkRPWWo3Y1l6WWJzdi9RdGVMWjV4WXo5bmZBV01qNU9aYmFwUlJIQVhDVGtWNnpVNjUyYlpKdkgvNTU3bXJIZWJSMkVFVnVyaEc0NWUyWXZTM0hBMEdrOHoyUWV4L0krcGdOSmpRbEJhdlB6YS9hY2o5V3l1M1U1NnlrdUU5ZUhHK0x2U0h3T2l3Nm1oOGlPRkxiQk96cjRwMThiMnNrbW5rOD18&cppv=2

Request Chain 73

https://oajs.openx.net/esp?url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&rid=esp&cc=1

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://match.adsrvr.org/track/cmf/openx?oxid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0&gdpr_consent=

Request Chain 93

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZK04GMCo5sEAAH20E6oAAAAA

Request Chain 94

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZ9Rl8YsBA0Vks8AD7Il491fAc8AAAGJRKMjCg

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFj_978300nwt6WBq7wiHg&google_cver=1

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 208

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D0%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac8cvin272rsqtdt HTTP 302
https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c8cvin272rsqtdt&gdpr_consent=&puid=39dae610-1fdb-11ee-b54c-d742d1f076ec

Request Chain 209

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac8cvin272rsqtdt&ret=img&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=3994b550-1fdb-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8cvin272rsqtdt&ret=img&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r

Request Chain 214

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73

Request Chain 215

https://pr-bh.ybp.yahoo.com/sync/taboola/8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A

Request Chain 216

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA

Request Chain 220

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-l67efkVE2uHL0pCDyXATJn47fBz9S0hq~A&gdpr_in_effect=0

Request Chain 221

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=8269748334659375202&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c57b8eb2-e1c9-47a2-9873-97ccf7106a21&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 224

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1689073692.4575658 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID%2526cache_buster%253D1689073692.4575658 HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=2524573940235033349&cache_buster=1689073692.4575658 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc8cvin272rsqtdt%26_%3D1689073693.6216023&cb=1689073693.6216373 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975461768353436235&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc8cvin272rsqtdt%26_%3D1689073693.6216023

Request Chain 225

https://p.rfihub.com/cm?pub=39342&in=1&userid=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D&cb=1689073692.4576993 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975461768353436235&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D1975461768353436235

Request Chain 226

https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3181&partner_device_id=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4b9c544f-2dd2-4c84-8b2c-8fa53ade6a8b%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=4b9c544f-2dd2-4c84-8b2c-8fa53ade6a8b%2C%2C

Request Chain 229

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LJY6V6I0-21-6NDA HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---

Request Chain 230

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t

Request Chain 231

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---

Request Chain 232

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/xi8WteNSBi0JDDRUorUHbcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-d_c83L5E2oLu5E0rsWwbGimAyjFH8IAOTpFX5Q--~A

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOD2DZY0H8DQAx806z-wB04&google_cver=1

Request Chain 234

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t

Request Chain 235

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpZNlY2STAtMjEtNk5EQQ==&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEHPlYdbBJsIpcNsuJn7ht1o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZNlY2STAtMjEtNk5EQQ==&google_push=&gdpr=0

Request Chain 236

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjEzMzk1NGY0MGYxMWU3YmU1YzBiZmVlMTNkZWNmMjI1NmExNGRmNg&gdpr=0&us_privacy=1---

Request Chain 237

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=76a3488d-5910-4058-9367-cee18d91ab73&gdpr=0&gdpr_consent=&expires=30

Request Chain 241

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola

Request Chain 243

https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9

Request Chain 245

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA

Request Chain 248

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA

Request Chain 249

https://pr-bh.ybp.yahoo.com/sync/taboola/8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMW7mYrkNjeFLyS4X-2FxRM&google_cver=1

Request Chain 253

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a

Request Chain 254

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73

Request Chain 258

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e626290a-07f4-434b-9a46-ab0547ce4adb

Request Chain 260

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola

Request Chain 263

https://eb2.3lift.com/xuid?mid=7772&xuid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 266

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9

269 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request how-crypto-phishers-steal-crypto-wallets.html Show response
manilastandard.net/tech/314346382/
Redirect Chain

https://kas.pr/ug6n
https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook...

216 KB
34 KB

56ms
31ms

Document
text/html

2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c639fdc87ae6f3ceebc57af081c0792a2bd7f49c22ffe5d27899ac4bf825b1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7e5096322d0987ed-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 11 Jul 2023 11:08:07 GMT
last-modified: Tue, 11 Jul 2023 10:21:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1a82jcDrisO%2F67Bj7LcPkhJUoa%2FpsambGF6Ue4YMIbZRTwHzk0y8i2vdW0NsOPPoFxfJjdVJXar6yanZ1Jv2P4yWRh49Lf4s52gOtROwinC7pwJfXZqSuYQBHJ3jiFsfW2ay%2BemAW2leuvTiwGvLCA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
wpo-cache-status: cached
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-length: 1194
content-type: text/html; charset=UTF-8
date: Tue, 11 Jul 2023 11:08:06 GMT
location: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
pragma: no-cache
server
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Kaspersky Labs
x-server: fr2/

GET
H2 200 style.min.css
manilastandard.net/wp-includes/css/dist/block-library/ 95 KB
13 KB 30ms
29ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 12 May 2023 20:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17ced-5fb84dc227991-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKHVlRrzqaAKj3hm2ICHu4DDxXkefHKf%2B%2FNijyf0FBICYkYizTJcHG9itwJmLs3yPYTeY%2BLT8PPkZNyys8Z%2ByIKSxHvHVZcB%2FAMAikcP%2FJBs8n%2BmI6XcL4zmVyMkbPHmAs4WsikWsuv0jrUXr0LqTE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e5096326d6a87ed-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 blocks.style.build.css
manilastandard.net/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Dec 2021 04:27:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 241
etag: W/"6c70-5d2af05af61a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghzl6vij%2FN%2FZIR%2Fi6%2BkSnQfvhUwwofHsaoXZlcwp8SJrARluKY32TlbKsTPXH4bMOQV0scd70D6kVc2dC9aN7mQItvXnzY85SaQJKXAoeZ2fuvtGJD4ZsrCbqCbd%2FQZiJ282xOyJyIRID3NpZfj95iE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e5096326d6b87ed-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 classic-themes.min.css
manilastandard.net/wp-includes/css/ 291 B
522 B 24ms
23ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 12 May 2023 20:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"123-5fb84dc225a51-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUpODz3EbcD%2F6oDj%2BQ08a2Ik4J4RWWVK8uEkXKOfaFoiNEdFKlpi87X%2BGmDuAlhu01pHzPaZ8pWYsunQ8RMiiH%2BkbqhV4DcZhbvs2xbA%2Bo7%2Bvxp%2Ftdt%2Fbrggjo0mnk%2F55V%2FHVtTYLBSgrfrQSeWmbFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e5096326d6e87ed-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
manilastandard.net/wp-includes/js/ 18 KB
5 KB 18ms
17ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 20:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2082
etag: W/"4904-5fb84dc24fa34-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlBLiM79CpnjRjypr9QZIWzOgyr7GjG05QqLBUGl6lfb1zCR%2F9ZCB2hsbQsVGAZHR0bj6ahoVIwyKkz9GXRgELnsNHOLYAemlbJckV%2BK5ftifitp0N8Gw5MLx%2FgMc8bAxQXRnMVXfY0dY3Zjey3mGtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509632afd3a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 dashicons.min.css
manilastandard.net/wp-includes/css/ 58 KB
35 KB 12ms
12ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/css/dashicons.min.css?ver=6.2.2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 21:16:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6227
etag: W/"e688-5d0ee70ee1bc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzvSgdXeYxdl4XynQxOpx0nh2L1IlH0nsHuYaj1jgAJzgMB%2Fi4Fmtu35g%2B2XIVz4dGp9%2Bm%2BKojI9kuIOqALVHdpMXhMMOVW5s7bbcVnAhp9TJtn0%2BkE1cmFEJse8dHlOwAbg59G6f0m6X%2B1E0YRmC88%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afd7a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.css
manilastandard.net/wp-content/plugins/post-views-counter/css/ 215 B
601 B 18ms
17ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.3.13
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2023 20:34:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 276
etag: W/"d7-5faa7c157d49d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20EZP8lFooGfeELR5BcHL0HG7RyNm1SvrmhaftW%2F9C0r%2BZCuvhI6DF%2F%2FB%2FSO8SRp4VUzo%2FGcTsyJmlGlEhjQDecpLgb%2FPz62JAybl92175%2Fy74QwaMQHJsdwSCpcNaMP3ll1GlI53%2FNZblUT59K3wMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afdaa081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 js_composer.min.css
manilastandard.net/wp-content/plugins/js_composer/assets/css/ 452 KB
45 KB 19ms
17ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 20:42:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6227
etag: W/"70ee5-5ef42f3fbb41f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=435HQJ6HYLxy8%2BEGdYeqEfoLh5QpGkActshtmnzZvTWaVpr7cqmZIKs3qfaDLbkwZWIpIWTwIPACcyHyzgvCDiMkReYJ3uVYjjcuNC5H0pOK6C0kdLkd6y6h4KToga%2Bsva3zDSTGfBiNyiyDeGNzwTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afdba081-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 21ms
8ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3Aregular%2C700%2C500%2Cregular%2C300italic%2C600%7CAlfa+Slab+One%3Areguler&display=swap&ver=1.3.0

Requested by

Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6cf40195f73f471ce1dfe84ca3b389c9eb8f46dacf76e1e2d63f5427d6c58a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 11:08:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:08:07 GMT

GET
H3 200 pwaforwp-main.min.css
manilastandard.net/wp-content/plugins/pwa-for-wp/assets/css/ 3 KB
2 KB 21ms
20ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/pwa-for-wp/assets/css/pwaforwp-main.min.css?ver=1.7.60
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e855d9e6f5f92d817bd3949ded0debcb80d184b19b349279085724f8bc2d520

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Jun 2023 19:59:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6227
etag: W/"d6b-5fde00955538a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ju7Zazf9YAB05eITCf78elnBXXbN68iboLeLyVw51lvjEWJOJ1M8CBD0Le3ro6t7DdmsaWb8lR46k85QcjaIRIza7Hz6Zx%2BsGF6Siyf4g%2F26%2BA31h%2FwvqXUCRAxC3P3yQ37nI4NWMJhuwBFmVCs%2Bw4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afdda081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.css
manilastandard.net/wp-content/themes/jnews/assets/dist/ 588 KB
95 KB 22ms
20ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.8
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a5566a499a0f62b47373450a2eeac6214ce7448937efc6c3ae543f14e63b2df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3115
etag: W/"9314a-5fec2fe7b861f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8DXijA%2Fqvzh3rVxPeXONYMoeJpYWjpntwWKz9Um4pqmOEcQ84mUBaA7rHD5cONL0%2FEqIfQX0fBc2VrthO1FpZYUB7ynsetXzPbFP8KYBV2xyOzkv%2FzjNeveOJqORXhDZ7HvBT7D7RCsTjpJ0zcYh%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afdea081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 js-composer-frontend.css
manilastandard.net/wp-content/themes/jnews/assets/css/ 3 KB
744 B 25ms
24ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=11.0.8
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 276
etag: W/"bb7-5fec2fe7ba560-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laQ13BKGHHcTVjOO5j2QNXU%2FaR7m2YXNfTXmpb1kkBUFKbckYgreKQXK3QLVr%2Bt6FpU1m7ZEaaWf1CnTplfymue9cyZCjaMcdDLzp1xmTZlwT2LqROjkmtde6jJPg4XVhxn7MAaMblLfb0MlKfa7vzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afdfa081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
manilastandard.net/wp-content/themes/jnews/ 427 B
738 B 26ms
24ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/style.css?ver=11.0.8
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73eff7a5aa229193a1f6255c29130984d857447a1accb89667e53d883aefb90e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6227
etag: W/"1ab-5fec2fe7b091f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLGrECJyFHRjRjsVN12g%2FuW0x1L9gWl9x%2BqkcUkF3om%2B3P%2FDmTpfa0Mzw29ynxUvixH%2FLfvkCvrOQrG4bcFVRRUBb3T3lqowdDwsxcBNmwnMiTYGZiShExJX03tSqtu9Jt57XTdjntW21YQtJXwhIFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afe1a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 darkmode.css
manilastandard.net/wp-content/themes/jnews/assets/css/ 46 KB
8 KB 26ms
25ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/css/darkmode.css?ver=11.0.8
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6227
etag: W/"b6ae-5fec2fe7ba560-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTH2LoWHMbAdVSiBXBTZs60zY7PblriVv6MPATxT22rImtN6lgPnQFZZ6bJUYWqbfzuVxkNLRgGSrdGWMf%2FUtxbgNzpTqyn2ubzu6H5k7wWMfoX0nQPbP7rLVJtSDjHRhK1JQvEnyAeeanYbYmr%2FIpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afe4a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 scheme.css
manilastandard.net/wp-content/themes/jnews/data/import/watch/ 4 KB
1 KB 27ms
25ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/data/import/watch/scheme.css?ver=11.0.8
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 171f620f6a522f773d9c34939859566bb18192021eade1801bca6f6837971520

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 276
etag: W/"f71-5fec2fe7c41a0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFlNQGkvbgo5f5G%2FdhuJjq0VjsAhGDsXBtV8e7%2F9%2Bxua%2BDwndPNpPWhxo8PFIYKnUAV%2BBvV88mF4LxnoJkfFaAGmSrE%2B0JRctsG7lm21dC54OQq5SVFD0JMakvqoKTRA00%2BiTjkM90ABEeOJukQrElo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afe5a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 plugin.css
manilastandard.net/wp-content/plugins/jnews-social-share/assets/css/ 1 KB
896 B 27ms
26ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/jnews-social-share/assets/css/plugin.css
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 20:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4676
etag: W/"472-5f5dcccc88b4f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGXQFPUjL3yEibGdPMn31tMIQUQrzIcIiLdMd2oQ9bsvcHKycDgOVD1X7hkMXi5W%2BAGOT8MJoLj7UwEbwz5ALATohKpo8HbLFDI7%2FyBVJc%2BN2xnH8uzgl2D%2F2My6KP34Xh5ddVCy0pxQZuHjlD3zJMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632afe8a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
manilastandard.net/wp-includes/js/jquery/ 88 KB
32 KB 27ms
26ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 20:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6227
etag: W/"15ed7-5fb84dc240fd3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Spu6%2F1Q8%2Fx8Kd3X13GTWEST0HGbZ28jHzvR1oe%2BWFaU%2B%2BWhMWB%2BKM%2BGUL8PGLCRxeZx%2FcmhTYEdeVsEZIA9OfvFMSb%2FuewZglndEYrypBnn92CnZULCnPUzsZFI4SAl1cHMXA2Pi4q9be5Dhm3rMZTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509632afe9a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
manilastandard.net/wp-includes/js/jquery/ 13 KB
5 KB 27ms
26ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 20:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1344
etag: W/"3470-5fb84dc240fd3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3%2B%2F70WfMsLVPCZZS%2BdsZu5lizCfU78g5wYYsBdI4Ib9Lep6rc2h%2BVDlsRCUW2WihMbVm39VF9EfBidiaOKFVKwlz3QmOhOuyf0alDR1JZy9XtlKhFMllYaSqnXTJA5GouElFmT0teYE3MgaPNqUYsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509632afeba081-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 194ms
97ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b089590c437316f3b53a6ea8abd412e6f4f6677b316592ebc7e2c033e4442348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25777
x-xss-protection: 0
server: cafe
etag: 167 / 19549 / 31075835 / config-hash: 3961141702774454604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 27ms
5ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7YMB3580ZZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02d3cc9d6f4313b616281d72c155ee4f8c1d5e5b3fa7ecb1023c6cc2ab16aa32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jul 2023 11:08:07 GMT

GET
H2 200 mail
ecp.yusercontent.com/ 90 KB
91 KB 323ms
301ms Image
image/jpeg 2406:2000:98:804::3000
YAHOO-HK2-AP inte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecp.yusercontent.com/mail?url=https%3A%2F%2Flh3.googleusercontent.com%2FHM4x3f-44IlK70HmMZcfj_kiFC7YamQESc4QMf8zccWNo2EaVYCIXW3Poc-UR6GWfONkrGp-faIgGklCWTAI5jceGGkXITIKlsGSbwytJuEl5uLaQuYqrenMqUaM4AriAd0lU3MHtna1xTX4o19myYs&t=1688453779&ymreqid=e193a53c-116f-9e4e-1c15-d60020016500&sig=Jof0LpryHSTmvOSAe5ZZ9g--~D

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2406:2000:98:804::3000 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),

Reverse DNS

Software

ATS /

Resource Hash

c517c83a9b04320c95fc1d275a35d262067c47910921f0835498311952393c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
age: 0
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92595
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
etag: "v1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jul 2023 11:08:07 GMT

GET
H2 200 mail
ecp.yusercontent.com/ 109 KB
109 KB 365ms
343ms Image
image/jpeg 2406:2000:98:804::3000
YAHOO-HK2-AP inte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecp.yusercontent.com/mail?url=https%3A%2F%2Flh5.googleusercontent.com%2FX5_WHIMkQVcT0pgYuOf_R8vP_8Hddn8Fclc7T4GAAfm35_0gK44nZhXGUT1f2Rfvng_SSP2npIvZLQEzfXT0qRw10jP36WX6Y-mwcOQ5WuVNjS33S5-sy11Iw3ae-4hvGat6CU6qZPvpB2pbu5VEgac&t=1688453779&ymreqid=e193a53c-116f-9e4e-1c15-d60020016500&sig=R4xAHCkiqyVN57_SjKynQw--~D

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2406:2000:98:804::3000 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),

Reverse DNS

Software

ATS /

Resource Hash

c30f8933e695a2f6a782b54f0bec3ee4044b205b149ec6b60faff14966562486

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
age: 0
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111695
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
etag: "v1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jul 2023 11:08:07 GMT

GET
H2 200 mail
ecp.yusercontent.com/ 203 KB
203 KB 331ms
310ms Image
image/jpeg 2406:2000:98:804::3000
YAHOO-HK2-AP inte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecp.yusercontent.com/mail?url=https%3A%2F%2Flh4.googleusercontent.com%2FPahqlXD8UXhEAksHHMDo5KsnzyHTxiPPvx17fhWv79zT4eq87q7ShrCOXgwJ9rm3kwFeRi_m2A3lXAwuNSaBPcOBpW8tgsMGvaUAiREctspMWCnrw54q5FLC8dTQVYvEpNppTwiT3CgShIyaP1NDGKw&t=1688453779&ymreqid=e193a53c-116f-9e4e-1c15-d60020016500&sig=VnKxjT6A4v5ET.Xh6aXOiA--~D

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2406:2000:98:804::3000 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),

Reverse DNS

Software

ATS /

Resource Hash

ecda587e4172abad0c0325e5aae7b5959d1e1b01fab9278425415adeafb3372a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
age: 0
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 208117
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
etag: "v1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jul 2023 11:08:07 GMT

GET
H3 200 email-decode.min.js Show response
manilastandard.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 5ms
5ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://manilastandard.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 15:21:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a438ff-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyfwGFbL%2Fvvihek%2FZOWbF5jBL%2Fj7%2BRzR2T43ijVct7yZh5EkNu2T9v1kCfSE84TWnglck8sSg1%2B9eWC%2Bi%2Fbi0g9twdrOJAkTJxnXadq3zGV%2Fn5HJnU%2F1PvDNIkO3sQnIgmU9T8Qvx0bglxjPZp0fXII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e509632e81ca081-SIN
expires: Thu, 13 Jul 2023 11:08:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 174ms
77ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7821547671837563

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08dbe7fc6744e613d23468470d9aa59ab0fa0fb53c4587ef84f6c65a6f0ced8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48680
x-xss-protection: 0
server: cafe
etag: 4143365019711573851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:07 GMT

GET
H3 200 jeg-empty.png
manilastandard.net/wp-content/themes/jnews/assets/img/ 70 B
542 B 18ms
16ms Image
image/png 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5866
etag: "46-5fec2fe7bf380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKG87g1%2F2aIWpn%2FkhPfopTy2SD1QaVx7vwBBY4ok0rvtvF5ib1HeaPWeBm3FNzcLby%2FDj0SVDR%2BRo134SqYrQKggYXGYLKqpo8zIU%2BtAJ39ask75QRLkp%2BPEW5uEjpGmcsayvWmeuSA06FzGMH1gIv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e509633286ea081-SIN
alt-svc: h3=":443"; ma=86400
content-length: 70

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 202ms
105ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66ee6c589382813970064be808cc234d706233bdace425e13218c50ce995d4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48650
x-xss-protection: 0
server: cafe
etag: 17981114987112680139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:07 GMT

GET
H3 200 plugin.css
manilastandard.net/wp-content/plugins/jnews-bookmark/assets/css/ 1 KB
837 B 9ms
9ms Stylesheet
text/css 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/jnews-bookmark/assets/css/plugin.css?ver=11.0.0
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c0fdc683768eec072172fcbafca5d4fed05896d8703ca31a6644381a6549d3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 20:40:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4320
etag: W/"541-5f5dcb9842806-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYMfZOENlFwMkC4vQPh55nslsmtr6FsSR7tpHz36OitZEPqTMhDlEUUqWBV%2FLrNYCf2HF0tJMPmvf2JahOtmSU%2FxGlnFKgzcla3wSOpvEBHoRD4ENF2kIBofyYWydHLT2z6n5G4Cz7pwVUKbBkjP3Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e509632f82ba081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 mpp-frontend.js Show response
manilastandard.net/wp-content/plugins/metronet-profile-picture/js/ 331 B
655 B 17ms
17ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Dec 2021 04:27:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5868
etag: W/"14b-5d2af05af80e4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1yURJ%2BLyHKE5wx%2Fda7MYFfGNkEJhHWRzQYZIVQ3exU3YmZvv36dhmtEve1z8iJ%2BByufbjJ6E3%2Bnbopuh1H2S6UtLEPcIDBX484verJ6MdfWJ2OoaSHvcyEq%2BlLVz3bYI8VXwY1RP%2B5VcJ8BEm5X5tA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332859a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.autoload.js Show response
manilastandard.net/wp-content/plugins/jnews-auto-load-post/assets/js/ 4 KB
2 KB 16ms
13ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/jnews-auto-load-post/assets/js/jquery.autoload.js
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123d292c62dc7d5cb5ea4b726cd4c85ea5ca98a2e42cad1aecc64b7019c7432f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2023 20:37:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5868
etag: W/"e54-5faa7c998f60e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lomYER2Z6LTBc%2FTnhuNelrD079CdUPsoyRyhfhNbSD3RNMyG%2BX690VrzhTq%2FVgfjGJE%2FuvKlPrJZ3blXgMO%2F2np3ktaV6rnHwH4kjJs9ludO6KOnPsAw3bwcTpSXfmTbQ%2F2JF8LH6dyN7oBAMz3ycU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509633285da081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
manilastandard.net/wp-content/plugins/post-views-counter/js/ 1 KB
1 KB 13ms
10ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.3.13
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12475fdd5d48640d7ad60670a2342f02cf560b8cd977cf8e7e624e6a22576f82

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2023 20:34:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6783
etag: W/"484-5faa7c157d49d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7xUiD2tE%2FrOWcDtWfEt3Nt0giXMgfTMG1JXt%2FustERmr8O2KjueiROFaiLkHvBvMa9xKwlbTwtw%2FlTRENj%2BjZp6XVi6iXYw6XLhjGfsEMdW0JhDhBJl9DEsS%2BKoNSdFaEOPrLCYLTi%2Bdk70HpFaUtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509633285ea081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
manilastandard.net/wp-includes/js/ 3 KB
2 KB 15ms
12ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:53:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4320
etag: W/"ba5-5e9a319b70680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwOv%2BBzVy3Tp6i%2BeRlDDyA5kqamhcAMSWH7jmEwONg%2Fqs8SNVe06mu09kRxuMK2XMh7ScLKZHc0neIRquLJ5Ls%2BP4mZALjPcZvaIAh9Wy%2BQrJzaOdT2Ofkd95H4nnwTok%2Byp4af0HWeaPgeSucdO8X0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332860a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 hoverIntent.min.js Show response
manilastandard.net/wp-includes/js/ 1 KB
1 KB 15ms
12ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:53:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1386
etag: W/"5db-5e9a319b76440-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkHdeaj2RnXLBOffpA2N3vfDSw2jks0DPlwBB4D6DAAUOgi8rhPMkHkKu1jkuNaatM8FeOcCePLOHEsf28leOS247ByeN8ItUr0rWRS19cH8lnvFxFGShGfMCu4052I%2BOaQn%2B3hFigg0%2BDrWTaMvWw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332861a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 imagesloaded.min.js Show response
manilastandard.net/wp-includes/js/ 5 KB
2 KB 16ms
13ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 21:16:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185
etag: W/"15fd-5d0ee70ee1bc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvZY5iDiPSeZn0bwxMEcpK%2BGKpTW3aehPiapE2WeYxMJOJsqpot3AHAOnTQOQWKVAqDGIWuRco9p4nr7U2C8mSJTfIKJN72B3gxmsUift%2BLFH61XPP4pIPqQxcE045bayuQ3GfGGJY2fvWzL1fjMSmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332862a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
manilastandard.net/wp-content/themes/jnews/assets/dist/ 298 KB
87 KB 24ms
22ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=11.0.8
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d6f9a64816ed389a494d2fc7ebe73af9031d9a513625e582bf4c3a3de123c14

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5868
etag: W/"4a70f-5fec2fe7b95bf-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4be1NhAAp5L3dC8LuDNeEQZZmLs7uVqQH%2By3yFxF0pqp%2F9rIFcZRSFMaiM66nBcahi%2BBTqp1f03Nh3GCgeBu2fGdGrNt%2FHFcY996gJRETaZNnzSpK2MhFDNXjcfbQp1XpzzfTpZvjhmBr%2F22QqDvnXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332864a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 pwaforwp.min.js Show response
manilastandard.net/wp-content/plugins/pwa-for-wp/assets/js/ 9 KB
3 KB 20ms
17ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/pwa-for-wp/assets/js/pwaforwp.min.js?ver=1.7.60
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819b2cc873a2e72c4d9d0d546aa0e0f310a782375e174348d32c9256eff91e64

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Jun 2023 19:59:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 976
etag: W/"238c-5fde00955632a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqPSFEEyp7J%2FreusQ%2F3fbPlAboGaT6vfyvac7HmZEVQBxrgXaS3pv3bygjpKFq%2B380rqMopczsleArrlqy0fiBqfNYVxub5T5uYtcQQNgXi%2F%2FddfaQGPfi8RX%2FW3r%2Bo6SuTcEoMD78IYPNzPB6bNzjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332865a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 pwaforwp-video.js Show response
manilastandard.net/wp-content/plugins/pwa-for-wp/assets/js/ 969 B
913 B 20ms
18ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-video.js?ver=1.7.60
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370870752701110a3b786e01042da739d8fae427aa8a46c3b2b233587f0d8ac4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Jun 2023 19:59:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6887
etag: W/"3c9-5fde00955632a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARhbLOGfdJyxI4eYCrPzw%2B25dinnsZnAhzOAh7Vy4rTn13L9BV1zDl1V5tQKCGCz5wHlrkNN31eZPns4lPd6gvNkUIwaLalTcmTTaCbh7y12mPrxBRDdgl9A6zDov%2BLbPolFFvINGQ7qeVSGU4dphb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332867a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 pwaforwp-download.js Show response
manilastandard.net/wp-content/plugins/pwa-for-wp/assets/js/ 1 KB
953 B 17ms
14ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-download.js?ver=1.7.60
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd7f6a2d10f7be5395cd5d30fb4c13c1a94111a51d093183c6bd8ff2eed612c3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Jun 2023 19:59:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5868
etag: W/"477-5fde00955632a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIGwJj%2BOGWNc3YzswIg7%2B2bsUEveBNPnodbbBDcOF4qsyhzDTO%2FH4Gidg29L5KENAOhumLU%2F2eZq6aQsYYsqGN3xrKp0nbUi7E0%2FIrGcgvoE54%2B4nINltcwyFVq6jyQiaCutk9hfs0hyMvGMcgwS0to%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e5096332868a081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 pwa-register-sw.js Show response
manilastandard.net/ 15 KB
3 KB 22ms
19ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/pwa-register-sw.js?ver=1.7.60
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eae45081f842d49d56d697729af8670d13263c77315b961f4fb70573092fc4f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 20:07:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 976
etag: W/"3cc9-5d878a9dc8d67-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsMjyaxNRFi%2B4frWI5qvYCjmIDC6g36HVFUcrIIotARYcois%2FwB9MLHb1%2FAx6zcJeTtimhv6xmb6SmQeWbGTmmaDiBT076nrn%2B5QVRVWwmXLjEgtd8Nx%2FYsyq%2BE2QRaITVx%2BdBtLenC0O2I4AOErlww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509633286aa081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 plugin.js Show response
manilastandard.net/wp-content/plugins/jnews-social-share/assets/js/ 3 KB
2 KB 16ms
14ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 20:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6783
etag: W/"d98-5f5dcccc88b4f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1Yv1uWtMLp7RTr7nUQ4eL0iQRelw%2BJ79NlD%2BPqHpWTFucN5EtmwNQROEqEpdYTCRwTqHKcxyl%2BWShC6TsrGBkej1KqgVIuNSiYsh3Cf33VS6QPa2wRwwrFrEUi%2B7wlUT%2FtitZYwL8qlLe%2FGpHcq018%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509633286ba081-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 plugin.js Show response
manilastandard.net/wp-content/plugins/jnews-bookmark/assets/js/ 5 KB
2 KB 18ms
15ms Script
application/javascript 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/plugins/jnews-bookmark/assets/js/plugin.js?ver=11.0.0
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14b4acd7dad1f0b6ddf02809d49f2262f5f76ecdc26ce20884bac52e0b99342f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 20:40:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6783
etag: W/"13d1-5f5dcb9842806-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7uWCxcTrjL0mhqw6%2BuEqc%2FAa7vc9qPh8BpJ9knLE2cWZsCXSQGAVK6hDqmujgAjeHUGJh3l9L02P7qW%2BCjoWbYQTFXNZuRgBkSVGNLzDI0ynwBaZALrPfz79oQnzG%2BI7ARY3pFCiuWMZdj1X44PmC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e509633286ca081-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 130ms
34ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aregular%2C700%2C500%2Cregular%2C300italic%2C600%7CAlfa+Slab+One%3Areguler&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 03:31:33 GMT
x-content-type-options: nosniff
age: 113794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2024 03:31:33 GMT

GET
H3 200 fontawesome-webfont.woff2
manilastandard.net/wp-content/themes/jnews/assets/dist/font/ 75 KB
76 KB 11ms
10ms Font
font/woff2 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.8
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5081
etag: "12d68-5fec2fe7cfd21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDucfQk3bxUi%2F1O%2BoBWWW3j2e1RxorAzndNFaVtM1WtJJib7qB72bEM5KPJAgn%2FcJ2BY0VhurZ6JBPRWmFjA60jBgbeQx8QrmX8PHZHEpJVZAiGpbCPRJ3w17OvC3ocIdBfXdboZ9Zf%2FwWp2bBpWUW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e5096335891a081-SIN
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
fonts.gstatic.com/s/alfaslabone/v17/ 17 KB
18 KB 129ms
38ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alfaslabone/v17/6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aregular%2C700%2C500%2Cregular%2C300italic%2C600%7CAlfa+Slab+One%3Areguler&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9374de123126424cc9576c36c508f12954bb9c1da8a23d035bf8a0131f7113f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:02:53 GMT
x-content-type-options: nosniff
age: 378314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17896
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 02:02:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 164ms
73ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aregular%2C700%2C500%2Cregular%2C300italic%2C600%7CAlfa+Slab+One%3Areguler&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:59:56 GMT
x-content-type-options: nosniff
age: 439691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 08:59:56 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 165ms
75ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aregular%2C700%2C500%2Cregular%2C300italic%2C600%7CAlfa+Slab+One%3Areguler&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 04:38:03 GMT
x-content-type-options: nosniff
age: 369004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 04:38:03 GMT

GET
H3 200 manila-standard-author-image-96x96.jpg
manilastandard.net/wp-content/uploads/2021/12/ 69 KB
69 KB 11ms
11ms Image
image/jpeg 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manilastandard.net/wp-content/uploads/2021/12/manila-standard-author-image-96x96.jpg
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32011d788c00421face369de4aab7fb0b93b020bd61474d1a3deee3272c82dc0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
cf-cache-status: HIT
last-modified: Sun, 12 Dec 2021 12:21:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6740
etag: "11229-5d2f1ff466621"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIOTtS%2FazPx%2BPu0Tbmnp2atELkai6gjYAOB1jExYBeDqJMVrHEDsmJAVKV4O55QwERaHantDemSD9KeyilYOKXoCo98er2Z2ENjpDONc%2FJV%2BQANqnu0ajXVujvn%2FHH%2FnqTAhDIocpBDQXOIUkk0SqTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e50963378d8a081-SIN
alt-svc: h3=":443"; ma=86400
content-length: 70185

GET
H/1.1 200
OK embed.js Show response
thestandardph.disqus.com/ 78 KB
25 KB 558ms
180ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thestandardph.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

0c0966cfd51c57ef6c213b1ec5bcc82a3abe350f9ace2632ce6418837e9c0c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:08 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 3
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25453

GET
H3 200 preloader.gif
manilastandard.net/wp-content/themes/jnews/assets/dist/image/ 4 KB
5 KB 10ms
9ms Image
image/gif 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5027
etag: "112f-5fec2fe7d0cc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APG%2BEG0HS2ZKqACMb9FosvTlkjJ%2B8S8b4mFKMmGL5KB7YpqgN0yV6Og73gGs1mj48EEx%2F%2BPHLxUqYUdL6wteeCGr0Zv0NTY5ss7QOtoSNb4GgugMCGq0WIKhvMjL1ud1HLNFLkODk3hWlFnJCKoMNp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e509633a8fea081-SIN
alt-svc: h3=":443"; ma=86400
content-length: 4399

GET
H3 200 jegicon.woff
manilastandard.net/wp-content/themes/jnews/assets/dist/font/ 7 KB
7 KB 9ms
9ms Font
font/woff 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer: https://manilastandard.net/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=11.0.8
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 02:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3941
etag: "1be8-5fec2fe7cfd21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkLvnmMaL1xPrpKh8C3rejwZrbzLyPRzhC1GJxBQ%2BaOQDjmGP0quGoio88sBAuRZ4yz0sqTx2qoFdCPob9kAeK2e3JYGCuC8CkQzslppCjft28dRo9%2BdSNxUEKPkt%2FnjJAEtgUFMAPnnQsa7MSriViU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e509633a903a081-SIN
alt-svc: h3=":443"; ma=86400
content-length: 7144

GET
H2 200 pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 100ms
65ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aregular%2C700%2C500%2Cregular%2C300italic%2C600%7CAlfa+Slab+One%3Areguler&display=swap&ver=1.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 08:35:04 GMT
x-content-type-options: nosniff
age: 268383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8712
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 08:35:04 GMT

POST
H3 403 / Show response
manilastandard.net/ 0
423 B 27ms
27ms XHR
text/html 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manilastandard.net/?ajax-request=jnews
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HEJJXg0USaer9HRWr%2F83%2F%2FHNQLXuBRGu2XOoV8NmXGK6K1XUc0mLPGkd7HRqGIhGcrzPTErGLFITgLdBJAAP9Y0EcYFT9C%2BvYu%2BWVk%2FdjuDBLuiPuC2ivhfwVT7MAIoudLTGfk6V9EBqmnJlsRUuaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7e5096344996a081-SIN
alt-svc: h3=":443"; ma=86400

POST
H3 200 admin-ajax.php Show response
manilastandard.net/wp-admin/ 36 B
734 B 419ms
419ms Fetch
text/html 2606:4700:3035::6815:5efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://manilastandard.net/wp-admin/admin-ajax.php

Requested by

Host: manilastandard.net
URL: https://manilastandard.net/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.3.13

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5efb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6392f534bd48c7a1bff5a562a8bad25235244cd256849e218c44d5a7bf7c052b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://manilastandard.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgOW9MKKb3tQEQjhpr2KY0G5fNNxLLF%2B6hmxEm8lHFtKkYdGQp00knhB%2B44McT%2BOGL65VW0kqkzynAQ0cOuMRa0EHyUK%2FJiFz%2FFzEFGLYGJMTniOy0eBKAaqaZIyh%2FnKDn1%2Fy2o%2Bs%2FfBBgwbkjoXA%2Fw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7e50963479e3a081-SIN
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 160ms
60ms Ping
text/plain 2404:6800:4017:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7YMB3580ZZ&gtm=45je37a0&_p=561136314&_gaz=1&cid=12579241.1689073688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689073687&sct=1&seg=0&dl=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&dt=How%20crypto-phishers%20steal%20crypto%20wallets%20-%20Manila%20Standard&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7YMB3580ZZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4017:805::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://manilastandard.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 12ms
4ms Ping
text/plain 2404:6800:4003:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7YMB3580ZZ&cid=12579241.1689073688&gtm=45je37a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7YMB3580ZZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c00::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://manilastandard.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 165ms
65ms Image
image/gif 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7YMB3580ZZ&cid=12579241.1689073688&gtm=45je37a0&aip=1&z=1423783146

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 344 KB
118 KB 112ms
111ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7821547671837563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52c96c26a60020129df5270c7684da43450cfc8a3caf4c0b54d2d3d82c857126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121053
x-xss-protection: 0
server: cafe
etag: 4567750199773362194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/ Frame 6CD1 10 KB
5 KB 128ms
32ms Document
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7821547671837563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 37653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 00:40:34 GMT
etag: 12368291122986407432
expires: Tue, 25 Jul 2023 00:40:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 391 KB
125 KB 35ms
34ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 10:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1878
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 10 Jul 2024 10:36:49 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
379 B 156ms
89ms XHR
application/json 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=manilastandard.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f70fccf4e42cdd1bb1c710d1e21ab32efbb07e042ebb1fbc085456f9e1929b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354
x-xss-protection: 0
expires: Tue, 11 Jul 2023 11:08:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 153ms
61ms Script
application/javascript 2404:6800:4017:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=manilastandard.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 64ms
4ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:24:40 GMT
content-encoding: gzip
age: 441808
x-guploader-uploadid: ADPycduK3DKma_6N4lBzHAJhp3cKkizFNAwm-qvIxOz0wzRseOYgNeEGz7MEYC_uScUgn0OVaIlHwttKYH4XyDT-wDTlfj2qSDA3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 05 Jul 2024 08:24:40 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 20ms
10ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 12 Jul 2023 11:08:08 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 841ms
179ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jul 2023 11:08:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42494
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-sna10722-LGB
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 31ms
19ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: WRNY0CMZKDYYX4YZ
age: 2173
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e5096367c823d93-SIN
x-amz-id-2: WV5tmsII8SMSTlFJ1CkUTOObIUzAVCFlQSQyFHsRz7/oUw72duLHDfVitylulNofjUkYWmVqFiA=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 60ms
14ms Script
text/javascript 54.192.150.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-110.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:50:04 GMT
content-encoding: gzip
via: 1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 40685
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 8Wn0_ypeaRTQGki9rKEeDqSCuxJ9jJy85fO-RA2mjIyvqPe2nmSNdQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 81ms
3ms Script
text/javascript 2600:9000:223b:fc00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:fc00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 10 Jul 2023 21:26:27 GMT
Via: 1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 49301
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 1U5eSMb7b25Kgf45wTGwpNuEpTP9DHZJjpqI0UB1kysJ3wIB01aDEw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
14 KB 437ms
437ms XHR
text/plain 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3655052158917218&correlator=1873051651984925&eid=31075835&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fifs&iu_parts=26029002%2CNew_MS_Website_Ad_Unit_Leaderboard%2CNew_MS_Website_Ad_Unit_In-Article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C728x90%7C320x50&ifi=4&adks=2398787459%2C74028927&didk=1472079934~1833992368&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1689073688063&lmt=1689070881&dlt=1689073687419&idt=572&adxs=657%2C-9&adys=111%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&frm=20&vis=1&psz=728x90%7C0x-1&msz=728x90%7C0x-1&fws=0%2C2&ohw=0%2C0&ga_vid=12579241.1689073688&ga_sid=1689073688&ga_hid=561136314&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f888b7486eb50ffa7d2a63aece0ab443ca47e86ac37f5576985998750243de1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://manilastandard.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ea4623aa1fbc00427a66df067b84b892.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B369 6 KB
3 KB 161ms
63ms Document
text/html 2404:6800:4017:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea4623aa1fbc00427a66df067b84b892.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:08 GMT
expires: Wed, 10 Jul 2024 11:08:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8A61 15 KB
6 KB 12ms
4ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=manilastandard.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 234659
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
609 B 157ms
60ms Script
text/javascript 2404:6800:4017:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=manilastandard.net&callback=_gfp_s_&client=ca-pub-7821547671837563

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:805::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0998c67d7ab2394a2223299e4371481a4620fe997945c0c03f72ab716989a835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3D1 435 KB
90 KB 481ms
480ms Document
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7821547671837563&output=html&adk=1812271804&adf=3025194257&lmt=1689070881&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073687842&bpp=3&bdt=424&idt=252&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=330882364212&frm=20&pv=2&ga_vid=12579241.1689073688&ga_sid=1689073688&ga_hid=561136314&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532278%2C42532280%2C31075757%2C44788441%2C44792013&oid=2&pvsid=3655052158917218&tmod=1241611836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=285

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed5014fe838baf69d45ecf4a0c69cba27cebb3302d27b352df29a05be3a9a650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 91929
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:08 GMT
expires: Tue, 11 Jul 2023 11:08:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 1027ms
342ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://manilastandard.net
date: Tue, 11 Jul 2023 11:08:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8A61
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=manilastandard.net&sn=ChromeSyncframe&so=0&topUrl=manilastandard.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ED-nl3xNNllCWXlkVUdkZTN0aUNvV0VlUUozNllEcUhoTWU2elBRanhRNG1mL040NU43WnBTUnlHMmV3YnFKMHlzWGcwV1AyUW9yZlFZajFSSjBpUDVIWVcrTE9iK3B5ZkhLd3RCOHhhc3I4ZEVlaXRSaVp4aXplT04rb1...

489 B
684 B

21ms
7ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ED-nl3xNNllCWXlkVUdkZTN0aUNvV0VlUUozNllEcUhoTWU2elBRanhRNG1mL040NU43WnBTUnlHMmV3YnFKMHlzWGcwV1AyUW9yZlFZajFSSjBpUDVIWVcrTE9iK3B5ZkhLd3RCOHhhc3I4ZEVlaXRSaVp4aXplT04rb1FFS3VxUjVpS1kyWmVVbjY5SkRPWWo3Y1l6WWJzdi9RdGVMWjV4WXo5bmZBV01qNU9aYmFwUlJIQVhDVGtWNnpVNjUyYlpKdkgvNTU3bXJIZWJSMkVFVnVyaEc0NWUyWXZTM0hBMEdrOHoyUWV4L0krcGdOSmpRbEJhdlB6YS9hY2o5V3l1M1U1NnlrdUU5ZUhHK0x2U0h3T2l3Nm1oOGlPRkxiQk96cjRwMThiMnNrbW5rOD18&cppv=2

Requested by

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

cbda2f722018b322d309f8392f0d2112a9b8b265c93705d3bc26cac47958727d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1167971
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ED-nl3xNNllCWXlkVUdkZTN0aUNvV0VlUUozNllEcUhoTWU2elBRanhRNG1mL040NU43WnBTUnlHMmV3YnFKMHlzWGcwV1AyUW9yZlFZajFSSjBpUDVIWVcrTE9iK3B5ZkhLd3RCOHhhc3I4ZEVlaXRSaVp4aXplT04rb1FFS3VxUjVpS1kyWmVVbjY5SkRPWWo3Y1l6WWJzdi9RdGVMWjV4WXo5bmZBV01qNU9aYmFwUlJIQVhDVGtWNnpVNjUyYlpKdkgvNTU3bXJIZWJSMkVFVnVyaEc0NWUyWXZTM0hBMEdrOHoyUWV4L0krcGdOSmpRbEJhdlB6YS9hY2o5V3l1M1U1NnlrdUU5ZUhHK0x2U0h3T2l3Nm1oOGlPRkxiQk96cjRwMThiMnNrbW5rOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 374693
content-length: 0
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapa...
https://oajs.openx.net/esp?url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapa...

85 B
193 B

209ms
208ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&rid=esp&cc=1
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 159cb86d8dbba60fdc7d88ec7dc8375a964e0d253a857fcb3a22bd51a4fa6f01

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Y5XU9KHuqcVti3VXNR5eehFuiSs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://manilastandard.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 11 Jul 2023 11:08:08 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://manilastandard.net
location: /esp?url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
694 B 29ms
17ms XHR
application/json 54.179.25.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.25.195 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-25-195.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fa0afe1a6ead5ceed27551b552622055c89ae430c86a1bdc30430fe891d50dcd

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://manilastandard.net
cache-control: no-cache
x-server: 10.42.7.239
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 158F 7 KB
4 KB 699ms
281ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default

Requested by

Host: thestandardph.disqus.com
URL: https://thestandardph.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

35ec5cdf7832d22366300f45f5b296d2c5a4ae7e507a0760d2c7a539c138c0fc

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2820
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 11 Jul 2023 11:08:08 GMT
ETag: W/"lounge:view:9760734514.96a65d97782f31f9c0b7362ea3641655.2"
Last-Modified: Tue, 04 Jul 2023 08:37:30 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 27 KB
9 KB 625ms
261ms XHR
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=thestandardph&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%231e79bc&colorScheme=light&sourceUrl=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html&disqus_version=current
Requested by: Host: thestandardph.disqus.com
URL: https://thestandardph.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 45f9524e2b8183b9f93df7cbc301ba05f03dd4047dc4482de3eced1f61af8ff2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:08 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9214

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 607ms
244ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8d1d8as2dbov8l&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=thestandardph&zone=thread&version=3c00c65811f2cec80a8903c739975872&page_url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive&section=default&verb=call&adjective=1&forum_id=3782542

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 5DE3 222 KB
61 KB 28ms
4ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jul 2023 11:13:10 GMT
age: 345298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 Jul 2024 11:13:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 5DE3 15 KB
5 KB 34ms
10ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jul 2023 11:05:27 GMT
age: 345761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 Jul 2024 11:05:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 5DE3 94 KB
28 KB 38ms
14ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jul 2023 11:18:13 GMT
age: 344995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 Jul 2024 11:18:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 5DE3 5 KB
2 KB 35ms
11ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jul 2023 11:10:36 GMT
age: 345452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 Jul 2024 11:10:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 5DE3 40 KB
13 KB 36ms
13ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jul 2023 11:19:13 GMT
age: 344935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 Jul 2024 11:19:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5DE3 14 KB
1 KB 8ms
8ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 09:09:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:08:08 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5DE3 3 KB
3 KB 130ms
32ms Image
image/png 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 11:11:18 GMT
x-content-type-options: nosniff
server: cafe
age: 86210
etag: 3004170791804808702
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2980
x-xss-protection: 0
expires: Tue, 11 Jul 2023 11:11:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5DE3 344 B
449 B 131ms
33ms Image
image/png 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:13:07 GMT
x-content-type-options: nosniff
server: cafe
age: 32101
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 12 Jul 2023 02:13:07 GMT

GET
DATA 200
OK truncated
/ Frame 5DE3 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5DE3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cad3e00e1a59cc6975f8d7d3c8721145d60c19b9a70171a98bcf2a55a033b184

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5DE3 33 KB
33 KB 34ms
32ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:40:41 GMT
x-content-type-options: nosniff
age: 574047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 19:40:41 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5DE3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

98ms
97ms

Image
text/html

2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Server: 2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Tue, 11 Jul 2023 11:08:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F8E9 484 B
736 B 23ms
7ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f5e7565bd65ff0c3ddf27671643876c70552ac2bf61553f6a8e9874c29eb2a37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 309
content-type: text/html
date: Tue, 11 Jul 2023 11:08:08 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5DE3 0
0 73ms
72ms Image
text/html 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGeroGDitZOmPCKDSmsMP24uRsA__huK3ca7mjdGZEa_T1ciVDhABIKDAjQNgvwWgAYT5lsYDyAEB4AIAqAMByAMKqgTFAk_QbcbrNfOC-XVrS2dXqvF91TpET3PzcEX0DxIDHdkLIyIDTjJjDmgo8mdfN2eBsei5wwi56g0_bhICpkm7qX9z-jUtd_i0fsTD8AtIOC0Ho8vOXq_xMPP4vaIpjroCbn6EUI1pyhGuNZKGIZspIDKA-OgSfNLaplzOFMPulfN4sb-hRzFPyljsAKySK05il9DmVvoEst0_rMTgCPGPqyExxyn_NgMwTT8xnduVWQrmh-DBBb_lfyd6sVeDEoQ6qQpeQ_EQu41XP4wOEoBkaoOZm0d-iVpRDOLeRJmHt2ZnrYD-M3klhQZ9-Teouh8vpO06QG3CwWius4h7giKf93VayNNNy4BcK9zt-fVbh-gkTmSmedTS9Hn70PdGow-wViGECRz6btUXqtYeT9vaPqCqy41XYyAhmazJQSY_cnojXtTrxIrABPvWxrurBOAEAZIFBAgEGAGSBQQIBRgEgAfkhuk5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQhD7SCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMN0BUBmBYBgBcBshceChwIABIUcHViLTc4MjE1NDc2NzE4Mzc1NjMY6vkR&sigh=R1XEt-V0IbU&uach_m=[]&cid=CAQSTABpAlJWCRM-IERoT1Tw0PS5RL6Mw5Jf05AZw3EtnNOao1sNFAnP-AkJpGiF4i1Xqu1J0IF6EwNBbm4Bn7x8l-qsk033xEeGylNbulYYAQ&cbvp=2
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F8E9
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0&gdpr_consent=

43 B
324 B

19ms
8ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=6caf5608-1459-7a44-e19f-5c0e04341d1d&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame F8E9
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZK04GMCo5sEAAH20E6oAAAAA

43 B
106 B

10ms
6ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZK04GMCo5sEAAH20E6oAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 11 Jul 2023 11:08:08 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.231","key":"ZK04GMCo5sEAAH20E6oAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad364"}
X-SO-Key: ZK04GMCo5sEAAH20E6oAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad364
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZK04GMCo5sEAAH20E6oAAAAA
Cache-Control: private
X-SO-HostName: m-ad364.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-IP: 103.254.153.231

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame F8E9
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZ9Rl8YsBA0Vks8AD7Il491fAc8AAAGJRKMjCg

43 B
61 B

8ms
7ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZ9Rl8YsBA0Vks8AD7Il491fAc8AAAGJRKMjCg
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:09 GMT
via: 1.1 186569055b3bce44b6aca4db41c494e8.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: PER50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZ9Rl8YsBA0Vks8AD7Il491fAc8AAAGJRKMjCg
cache-control: no-cache
content-length: 0
x-amz-cf-id: knbO3NR8DWd6m-FDsF4bHRk9BTqdX7IcBdcPVxCpgcGrA_bbyeen9Q==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame F8E9 170 B
409 B 163ms
64ms Image
image/png 142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDBjMDg1YzItZGQyZS0yNGUwLWY0N2YtMDZiN2NlZDZkMzdk

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F8E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFj_978300nwt6WBq7wiHg&google_cver=1

43 B
106 B

10ms
8ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFj_978300nwt6WBq7wiHg&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFj_978300nwt6WBq7wiHg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3D1 0
20 B 61ms
61ms Ping
image/gif 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20230706&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7821547671837563&output=html&adk=1812271804&adf=3025194257&lmt=1689070881&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689073687842&bpp=3&bdt=424&idt=252&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=330882364212&frm=20&pv=2&ga_vid=12579241.1689073688&ga_sid=1689073688&ga_hid=561136314&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532278%2C42532280%2C31075757%2C44788441%2C44792013&oid=2&pvsid=3655052158917218&tmod=1241611836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=285

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 154 KB
52 KB 80ms
80ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e13f289b75979ed6c3eaad910506e43dc36308caa1d486d2029e1ac3f778a0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53439
x-xss-protection: 0
server: cafe
etag: 1548527450202876068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 62ms
61ms Script
application/javascript 2404:6800:4017:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=manilastandard.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/ Frame C6F1 10 KB
4 KB 33ms
32ms Document
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 63170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 17:35:18 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 17:35:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/ Frame D30D 10 KB
4 KB 33ms
32ms Document
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 63170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 17:35:18 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 17:35:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/ Frame 7FA4 10 KB
4 KB 32ms
32ms Document
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 63170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 17:35:18 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 17:35:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame C6F1 4 KB
671 B 8ms
7ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:33:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:08:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C6F1 205 B
522 B 171ms
73ms Image
image/png 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 16:47:35 GMT
x-content-type-options: nosniff
age: 584434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Jul 2024 16:47:35 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C6F1 604 B
696 B 172ms
74ms Image
image/png 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 12:33:47 GMT
x-content-type-options: nosniff
age: 599662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Jul 2024 12:33:47 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/elements/html/ Frame C6F1 20 KB
9 KB 34ms
33ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 10:59:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 10:59:32 GMT

GET
H2 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame D30D 9 KB
4 KB 128ms
33ms Script
text/javascript 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 03:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 08 Oct 2023 03:54:31 GMT

GET
H2 200 369d21e23798e41a4bd263e83a9ef671.js Show response
www.gstatic.com/mysidia/ Frame D30D 10 KB
4 KB 167ms
72ms Script
text/javascript 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/369d21e23798e41a4bd263e83a9ef671.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4215
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:59:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:22:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D30D 14 KB
1 KB 9ms
7ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 10:40:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:08:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame D30D 2 KB
945 B 39ms
36ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame D30D 23 KB
9 KB 40ms
37ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame D30D 3 KB
1 KB 45ms
42ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame D30D 20 KB
8 KB 34ms
31ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D30D 179 KB
56 KB 92ms
89ms Script
text/javascript 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:09 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame D30D 33 KB
14 KB 125ms
34ms Script
text/javascript 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 05:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 05:31:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame 7FA4 23 KB
9 KB 53ms
46ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C156 143 B
166 B 35ms
32ms Document
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 10:39:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 7FA4 3 KB
1 KB 57ms
53ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 7FA4 20 KB
8 KB 38ms
34ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 4646829492599687466
tpc.googlesyndication.com/simgad/ Frame 7FA4 35 KB
35 KB 66ms
63ms Image
image/png 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4646829492599687466?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn9F6iYf0UoTwm9cwOFu4s1IlNC-g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adce9367fc6d28d7e748532f79c0a66007fea4a9169e93f674fc55327cdb9918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 04:55:20 GMT
x-content-type-options: nosniff
age: 281568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35621
x-xss-protection: 0
last-modified: Thu, 04 May 2023 15:02:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 04:55:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FA4 179 KB
56 KB 126ms
123ms Script
text/javascript 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 7FA4 33 KB
13 KB 56ms
54ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a85ef6aa5e0512bdd5835bb4d2f753215bc6422cd57260d32f64a0158f5c9454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 05:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13555
x-xss-protection: 0
server: cafe
etag: 16358423774743119658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 05:03:53 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame 70B8 801 KB
174 KB 704ms
322ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: manilastandard.net
URL: https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99153ceee48d4f50a6313e8a839fff4f277de97fffa0846255f2667c3f5ae239

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: d_UDQ5wUuXmt_htDDl_8OMRa8TvE.Wu3
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jul 2023 11:08:09 GMT
x-amz-request-id: ARQVDH4KSM3CMEPQ
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
fastly-restarts: 2
x-amz-id-2: ZRPwUcvSlt5Adp2zwz8Mxojbs9vV8ZQJz43XL/R+SgiPk+I5uSW1R3eSRi7lvONZ2an4MjG2tR0=
x-served-by: cache-bur-kbur8200024-BUR
content-length: 177329
last-modified: Mon, 10 Jul 2023 14:20:59 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689073689.437528,VS0,VE135
etag: "057118c6846d31933e697d2bd6dc79fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 258

GET
H3 200 css
fonts.googleapis.com/ Frame 187F 6 KB
706 B 10ms
9ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 09:30:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:08:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 187F 2 KB
926 B 49ms
45ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/ Frame 187F 23 KB
9 KB 50ms
46ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 187F 3 KB
1 KB 50ms
47ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 187F 20 KB
8 KB 44ms
41ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 20:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 20:38:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 187F 179 KB
56 KB 101ms
98ms Script
text/javascript 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:09 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 187F 33 KB
14 KB 100ms
60ms Script
text/javascript 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 05:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 05:31:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C156
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

63ms
62ms

Document
text/html

2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:09 GMT
expires: Tue, 11 Jul 2023 11:08:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FA4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b52f068e4f0896a47cc1402f3417df031040d96324b64a163bb63cfc7d4fd08d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.load.3c00c65811f2cec80a8903c739975872.js Show response
c.disquscdn.com/next/embed/ Frame 158F 1 KB
1 KB 389ms
124ms Script
application/javascript 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.3c00c65811f2cec80a8903c739975872.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ae05b8f9cd0f5597f74764396a6e173dccbea0204340a1dc1ce1a5faf1277612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 10 Jul 2023 13:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0cddf9459715994ceee61b915d46e7e6.cloudfront.net (CloudFront)
x-amz-cf-pop: PER50-C1
age: 76798
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 624
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 10 Jul 2023 13:41:14 GMT
server: nginx
etag: "64ac0a7a-270"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: wXRpWEzFd0GdjTxaHtKbMzLUjtdsItdUMJE9JOETHXMjnw-3ITosyQ==
expires: Tue, 09 Jul 2024 13:48:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A601 143 B
166 B 32ms
31ms Document
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 10:39:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7FA4 0
19 B 73ms
73ms Image
text/html 2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CplH0GDitZN-OC6mmjMwPspWYgAv_huK3ceuruoLFEa_T1ciVDhABIKDAjQNgaaABhPmWxgPIAQKoAwHIA8kEqgSOAk_Q4l7aBGz-MZIm8IjHbqDJUwMwFE8_SHnVveMBpdrMMctmHKWLjYQrzKRKGTOAkKv5Kp3TlyyL4Ys4rwAhXcOrbgXaKEh3-f_3fJyZhDs3LduJeDwzgQX5VLUS9Y88Lw3hq97KfZRAmT7JqkMtJhpquwUexOqoluMQGX_j4sjKAcXh04FqY8w6Kp4xpn2frLu0hZ6bKN_I7glXoKbkahS9Igdt_CKB5R6aYCDl2SjDQcQIJ7hnfJREoVODnqlGNy1BqDiau0p6PeKTDnPBncwWj69spd9LcJ2kJh1cEsLPXAAjBYqNH7rB9MAldSchvjXqxnWh2Ki2mCDIJJIaTcHkhfUZWvpRiSsR6ZiLTMAE-9bGu6sEkgUECAQYAZIFBAgFGASgBgKAB-SG6TmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCsiwPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03ODIxNTQ3NjcxODM3NTYzGAA&sigh=ejbMw3HGavo&uach_m=[UACH]&cid=CAQSGwBpAlJWDSxqWzXEaGmc5cxHNQHzDs2OQSHokhgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Jul 2023 11:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 938C 37 KB
14 KB 34ms
33ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 03:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 03:22:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A601
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
89ms

Document
text/html

2404:6800:4017:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:802::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:09 GMT
expires: Tue, 11 Jul 2023 11:08:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 7082 37 KB
14 KB 34ms
32ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 03:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 03:22:52 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F4A 37 KB
14 KB 34ms
33ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 03:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 03:22:52 GMT

GET
H2 200 common.bundle.42272221620e218896f3973a3bb140e2.js Show response
c.disquscdn.com/next/embed/ Frame 158F 280 KB
93 KB 417ms
154ms Script
application/javascript 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.3c00c65811f2cec80a8903c739975872.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d23fd6a13b657ba55789f4a8b098f72d86e253917a83af15a2e4e6ed23a9e5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 16 Jun 2023 20:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-amz-cf-pop: PER50-C1
age: 2126977
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94141
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 16 Jun 2023 20:12:30 GMT
server: nginx
etag: "648cc22e-16fbd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: _UnQkwxU7KdgPfZ87JLmRL1PTDRvTKbbSAaWocOb1XzakfFWsIo0aA==
expires: Sat, 15 Jun 2024 20:18:31 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5DE3 42 B
64 B 66ms
65ms Image
image/gif 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9Apviu6B_1MZGe5f_Iq801klLOnQZXoKrj0-ihl0MTUZNrOGZgYSK7YewyPWYc3LomhCGfCO-_xo4sAMnLUewQgSRPHN1IJSgzUrA8WZyvFn0-ussBwN65f9R_yXBof5-0hU23A5lFQ&sai=AMfl-YQX5n58jLr3rSn0CpiQ9PlhelknZWcpdqbT5q6LGFIlCnCISo4VEjjnQ_f17ONUNwRcLau735v3W7tRjkmx3cy2SpRDnAlNvOjphtddSWTsMorK0ManAIixwyWNVSRICzqtwqUwlDXSEPbqIQ&sig=Cg0ArKJSzJRcP7-fdnEBEAE&cid=CAQSTABpAlJWCRM-IERoT1Tw0PS5RL6Mw5Jf05AZw3EtnNOao1sNFAnP-AkJpGiF4i1Xqu1J0IF6EwNBbm4Bn7x8l-qsk033xEeGylNbulYYAQ&id=ampim&o=657,111&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=147&tls=1147&g=100&h=100&tt=1147&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame 158F 233 KB
33 KB 146ms
146ms Stylesheet
text/css 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 30 May 2023 18:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-amz-cf-pop: PER50-C1
age: 3600842
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33282
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 30 May 2023 18:28:53 GMT
server: nginx
etag: "64764065-8202"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: yzNfIH238yLov_8DoS5vx7blDzXTU8lEPgcFdHaO_fK-tomHOnXceA==
expires: Wed, 29 May 2024 18:54:07 GMT

GET
H2 200 lounge.bundle.9252e8c30002c02fb7a36ab614c3c6ee.js Show response
c.disquscdn.com/next/embed/ Frame 158F 513 KB
129 KB 162ms
162ms Script
application/javascript 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.9252e8c30002c02fb7a36ab614c3c6ee.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

417412fab0fb1f36d3771b208b38a4342dcef4f9c2fdd9287d7bd7e51d63bd74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 10 Jul 2023 13:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-amz-cf-pop: PER50-C1
age: 76798
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 130983
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 10 Jul 2023 13:41:15 GMT
server: nginx
etag: "64ac0a7b-1ffa7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: A14BN6bTrqQC7QssZvfiyT4OY-g3QhPmpH8DMPnsAuH_kbmpMQK7yQ==
expires: Tue, 09 Jul 2024 13:48:11 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 158F 18 KB
19 KB 172ms
171ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

009f125d9969e0f3882a4132f2ef6f67ae95cf3f4c0ad88cfdfda9f33e49644a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:10 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18738
X-XSS-Protection: 1; mode=block

GET
H2 200 impl.20230709-18-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 70B8 785 KB
163 KB 187ms
186ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: cbc0d8932b192ccbbe736cd2cf378762886587a8cadb021aff9878f8d63313b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: GfUhUHWvc.H1FIhq7Y5tVH31B7xiPPFP
content-encoding: br
via: 1.1 varnish
date: Tue, 11 Jul 2023 11:08:10 GMT
x-amz-request-id: 65K4MPCY7DNMW5RA
age: 19132
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 166290
x-amz-id-2: vuW8PVLagsBTLPsUJlOUropl8mNhXKXfC0qtz+R2sYEzqJikdcWry9sh1qV1/nvzal57WV0eTBs=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Sun, 09 Jul 2023 13:49:13 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689073690.270761,VS0,VE0
etag: "b24afcd5ae2e92f7ffa51d809c17b15a"
vary: Accept-Encoding
content-type: application/javascript
abp: 11
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4318

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FA4 42 B
64 B 66ms
66ms Fetch
image/gif 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvusWuvPLfL8YZnqcQT90RUabetFUkFAMa-ItQPi2CA6x-Y2CMNeD0ow50hCx6rhNyG-MQHwyfoH_khkVgOH5ub3mypivajPzWsQvbGbuf3mESBsx2bU1kRmuDmCzI94LKYyopcCZt4vg&sai=AMfl-YSC1Nt45xvpHitR2KnjrhXWHhCOGRUEVo-kH16DDgTG4PkSqob1nBV1t5LjH77ilRrPQu-3HyomqESo&sig=Cg0ArKJSzJ3BpSRnaRuDEAE&cid=CAQSGwBpAlJWDSxqWzXEaGmc5cxHNQHzDs2OQSHokhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=98,775,1000,1059,1059&tos=98,677,225,59,0&v=20230710&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689073688859&rpt=314&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 158F 3 KB
4 KB 246ms
245ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=thestandardph&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

02da548af92a70dd132fb15ae5529ff83f7fd832cf3f7a45a4c8343cc3b1d44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:10 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3193
X-XSS-Protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ Frame 158F 11 KB
874 B 8ms
8ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 11:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 09:28:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 11:08:10 GMT

GET
H/1.1 200
OK loadReactions Show response
disqus.com/api/3.0/threadReactions/ Frame 158F 1 KB
2 KB 447ms
253ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/threadReactions/loadReactions?thread=9760734514&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8955564991d0c68c27f319d073fb417247be127bde854a32c714c62a5cc71690

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:10 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cache-Control: stale-while-revalidate=30, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1351
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 158F 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 158F 13 KB
13 KB 135ms
135ms Image
image/svg+xml 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 24 May 2023 00:07:52 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 4186818
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 19 May 2023 22:42:14 GMT
server: nginx
etag: "6467fb46-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KHcFZJmazO5lybsu5Vc_AjMu4Wtk5LWkTQZW2HndApyyOGVUWVtC_Q==
expires: Thu, 23 May 2024 00:07:52 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 158F 3 KB
3 KB 135ms
135ms Image
image/gif 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 05 Jun 2023 19:49:12 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 3079138
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 01 Jun 2023 09:36:56 GMT
server: nginx
etag: "647866b8-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2lTIrBVYR1IubuvfuBI7b_jcOn7-R1sRsrcx6JuenckW9IUXk-qkKw==
expires: Tue, 04 Jun 2024 19:49:12 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 158F 840 B
1 KB 133ms
133ms Image
image/svg+xml 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 24 May 2023 00:07:52 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 4186818
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 19 May 2023 22:42:14 GMT
server: nginx
etag: "6467fb46-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: U-hLNdu6gbb0bZbXIpfoUwYdiAe--fwBdOJZ-6RVw_DSvhAzRZGxyQ==
expires: Thu, 23 May 2024 00:07:52 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 158F 891 B
1 KB 134ms
134ms Image
image/svg+xml 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 29 Jun 2023 16:13:53 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 1018457
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 26 Jun 2023 18:15:04 GMT
server: nginx
etag: "6499d5a8-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Ixc8zFTPg3vIo3HQWwO3u5CQgctCYpPCnYDOq9HiswWvGAqFsu35bg==
expires: Fri, 28 Jun 2024 16:13:53 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 158F 605 B
1 KB 136ms
136ms Image
image/svg+xml 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 30 Jun 2023 00:08:43 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 989966
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 29 Jun 2023 17:31:12 GMT
server: nginx
etag: "649dbfe0-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GQKS4ZxQXDqcImgiXzFy7FKFIHl525-et6PdggXdb4kZix4kdy0wcg==
expires: Sat, 29 Jun 2024 00:08:43 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 158F 2 KB
2 KB 135ms
135ms Image
image/png 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 29 May 2023 20:55:01 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 3679989
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 25 May 2023 14:18:26 GMT
server: nginx
etag: "646f6e32-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Pxxe6lqmaZLbqieSYMZh2dDfDmId3_l7QglNJlmCRkvHNkTNapG39g==
expires: Tue, 28 May 2024 20:55:01 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 158F 8 KB
8 KB 133ms
132ms Font
application/octet-stream 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 05 Jun 2023 20:00:19 GMT
via: 1.1 0cddf9459715994ceee61b915d46e7e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 3078471
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 01 Jun 2023 09:36:56 GMT
server: nginx
etag: "647866b8-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mtTLa5EHHoyup0gisRSDKduqlnDnHqOKJXxmV6fUcQxM_zWRnSmiwQ==
expires: Tue, 04 Jun 2024 20:00:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 158F 15 KB
16 KB 41ms
40ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:01:53 GMT
x-content-type-options: nosniff
age: 432377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 11:01:53 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 158F 15 KB
15 KB 49ms
49ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:39:33 GMT
x-content-type-options: nosniff
age: 433717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 10:39:33 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 158F 17 KB
17 KB 32ms
32ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:49:11 GMT
x-content-type-options: nosniff
age: 429539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 11:49:11 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 158F 16 KB
16 KB 60ms
60ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 05:07:37 GMT
x-content-type-options: nosniff
age: 540033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 05:07:37 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 158F 17 KB
17 KB 70ms
70ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 10:23:31 GMT
x-content-type-options: nosniff
age: 89079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2024 10:23:31 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 70B8 73 B
314 B 5ms
4ms Script
text/javascript 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e225b87b0c526d17c34ac378c5f38d4e704ed042c82c460c8b0521a22b11a5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1105223
expires: 60

GET
H2 200 json Show response
trc.taboola.com/disqus-thestandardph/trc/3/ Frame 70B8 56 KB
16 KB 705ms
700ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-thestandardph/trc/3/json?tim=11%3A08%3A10.611&lti=deflated&data=%7B%22id%22%3A326%2C%22ii%22%3A%22%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1688998848806%2C%22vi%22%3A1689073690608%2C%22cv%22%3A%2220230709-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r%22%2C%22vpi%22%3A%22%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1170%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A1170%2C%22dh%22%3A27%2C%22qs%22%3A%22%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r%22%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fmanilastandard.net%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22prebidbidisrequired%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22thestandardph%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fmanilastandard.net%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22prebidbidisrequired%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22thestandardph%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05f2884caa7dc429a87e2930236f7a30a34750723c0c3abd1c4a97f93093f86a

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 505
date: Tue, 11 Jul 2023 11:08:11 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 166666
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bur-kbur8200024-BUR
server: nginx
x-timer: S1689073691.707154,VS0,VE505
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://manilastandard.net
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 158F 3 KB
2 KB 21ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9081319f88452046a6e53e84f199761ef783983ba456f9362a2493e1278cb96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 11:08:10 GMT
content-md5: 8q+FqVfbNDk0v0jDnVFmOw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: 8jV72S+1ErRe+Gm6ZNHymzN8vUj5fnU/+AMzHVgFzB1J4Uj2xB/FidanguzULLZZvfYaYzllswKnAvOe2qhN8w==
x-fb-content-md5: 4a491e28d50cdb86357476ac741af682
cross-origin-opener-policy: same-origin-allow-popups
etag: "d246ed15d8cdcffd472fd52024d6d445"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:14:39 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 158F 18 KB
7 KB 158ms
65ms Script
text/javascript 2404:6800:4017:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26751c8bb34e5e0e830f8e57f8f3f843ba4e7f3951fffcd4626b027f2f82c7b8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 11:08:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "8e6c4da0da74037f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:08:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 78ms
77ms XHR
application/json 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3183f2153d77db47d962b3bfd36cb1e54694ec78ffc19425637a5146b434d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11774
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 158F 307 KB
87 KB 8ms
3ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=047cf1c9c3cc09b43f124ef925f2ab8c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

918b064a56a07a9515714c34770a190fd7b2ba88289814c6edcfc28c2461b91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
Origin: https://disqus.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 11:08:10 GMT
content-md5: fHv2G+GG0BEoXvE/gfBOdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88740
x-fb-debug: MuRI1oGxhwXk8TzQyyIPCp1S7E9a8JDZf0VHr1zePhsChSR0uZ8Gi00flE9DKpoYA/DE5l5nHj0Emx4RdgXp4w==
x-fb-content-md5: b2480b9463657e31510dc53576ffe1c1
cross-origin-opener-policy: same-origin-allow-popups
etag: "a9852c4b808df7c330b54eeec40be335"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jul 2024 07:05:44 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 158F 0
0 210ms
193ms Fetch
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fmanilastandard.net&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dthestandardph%26t_u%3Dhttps%253A%252F%252Fmanilastandard.net%252Ftech%252F314346382%252Fhow-crypto-phishers-steal-crypto-wallets.html%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dapac_PRpost_ab0218%2526utm_content%253Dlink%2526utm_term%253Dapac_facebook_organic_218dddepibkx73r%26t_d%3DHow%2520crypto-phishers%2520steal%2520crypto%2520wallets%26t_t%3DHow%2520crypto-phishers%2520steal%2520crypto%2520wallets%26s_o%3Ddefault%23version%3D3c00c65811f2cec80a8903c739975872&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 11 Jul 2023 11:08:10 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: V0bO0XqoHv49suVC2jJ3x/98sFRctnAO+sml2hRC+D2tqo2gFbEv1ZfRt9Jz+0wWCaV7/EeA+cBofrjdpx/XAA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 133ms
127ms Script
text/javascript 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075835

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 11:08:10 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.1M6Abj36o4k.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-zeey3uoF4TqYm45n6kb7E0TwpUQ/ Frame 158F 118 KB
40 KB 38ms
32ms Script
text/javascript 2404:6800:4017:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.1M6Abj36o4k.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-zeey3uoF4TqYm45n6kb7E0TwpUQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b112bc72ac7ba4479e43c603a4a0c60f5a1a9f3f215119c65d90ea11f0c3e787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40800
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 20:27:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C03 13 KB
5 KB 33ms
33ms Document
text/html 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 114319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 03:22:51 GMT
expires: Tue, 09 Jul 2024 03:22:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 18A4 783 B
533 B 63ms
63ms Document
text/html 2404:6800:4017:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:803::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5be96c62d1f3004c4d4fd00d8d9892ca74d41d720ab629a1e9864e28bb63fbe4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vK-kJWnt7pQfycamtLf-uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-vK-kJWnt7pQfycamtLf-uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:10 GMT
expires: Tue, 11 Jul 2023 11:08:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 9A40 283 B
1 KB 286ms
183ms Document
text/html 2404:6800:4017:805::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.1M6Abj36o4k.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-zeey3uoF4TqYm45n6kb7E0TwpUQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:805::200d , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0efb4ac8cbc76073c40311e7da442abac29db40f56ba9f8f1acd0d8d1119e87d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-QBsnUlHsSQfckQzezDEUJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-QBsnUlHsSQfckQzezDEUJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 11:08:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C03 37 KB
14 KB 33ms
33ms Script
text/javascript 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 03:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 03:22:52 GMT

GET
H2 200 upvote-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 158F 8 KB
9 KB 137ms
136ms Image
image/png 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 11 Jul 2023 11:05:32 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 158
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8170
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 10 Jul 2023 15:42:37 GMT
server: nginx
etag: "64ac26ed-1fea"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: P4E4EyQY1rbExoPNVKXyoY-lf9wxNRXbyEA28dqmY-kwPdBRiXS8gA==
expires: Tue, 11 Jul 2023 11:10:32 GMT

GET
H2 200 funny-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 158F 9 KB
9 KB 138ms
137ms Image
image/png 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 11 Jul 2023 11:07:34 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 62
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8883
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 10 Jul 2023 15:42:37 GMT
server: nginx
etag: "64ac26ed-22b3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2zdDj6XQbIsRECMPnb0tEgQMgK96PzNptnnS-pDxglTWK8fjnxYd5w==
expires: Tue, 11 Jul 2023 11:12:09 GMT

GET
H2 200 love-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 158F 12 KB
12 KB 138ms
137ms Image
image/png 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 11 Jul 2023 11:08:00 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 11910
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 10 Jul 2023 15:42:37 GMT
server: nginx
etag: "64ac26ed-2e86"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: b03Y9Tbs_oQgn2JHWRyQgy9vh8gG_sHP9uPxljunMQGJ-g8QpWgjaQ==
expires: Tue, 11 Jul 2023 11:12:56 GMT

GET
H2 200 surprised-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 158F 7 KB
8 KB 138ms
137ms Image
image/png 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 11 Jul 2023 11:08:00 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7308
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 10 Jul 2023 15:42:37 GMT
server: nginx
etag: "64ac26ed-1c8c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: V1voNMLXBZRGcQRw5Rs5Sy684uWDfsQMV9bznhIvhIpEZsPxfm6L4w==
expires: Tue, 11 Jul 2023 11:12:56 GMT

GET
H2 200 angry-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 158F 20 KB
21 KB 138ms
137ms Image
image/png 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 11 Jul 2023 11:06:24 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 143
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20675
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 10 Jul 2023 15:42:37 GMT
server: nginx
etag: "64ac26ed-50c3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 08sC-GlGDgm3EqRfJ77tVw6HMSKdWaxnRZXHOPN_Ymf3naei-4u2yg==
expires: Tue, 11 Jul 2023 11:10:48 GMT

GET
H2 200 sad-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 158F 9 KB
9 KB 137ms
137ms Image
image/png 2600:9000:2084:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2084:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 11 Jul 2023 11:04:12 GMT
via: 1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PER50-C1
age: 245
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8986
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 10 Jul 2023 15:42:37 GMT
server: nginx
etag: "64ac26ed-231a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Bn0390XArLbx2h95YjzQCj3Rxe40K9wt7Xlb7yIJlbGQ3pWtL4RZeg==
expires: Tue, 11 Jul 2023 11:09:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 18A4 0
0 62ms
62ms Image
text/html 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=3655052158917218&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5C03 0
10 B 32ms
31ms Image
text/plain 2404:6800:4017:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NYBcWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4017:800::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.zh_CN.kfL0avQhmn0.es5.O/d=1/rs=AOaEmlGyQhRl49nb0jgQjoGxcR3pHp3x3Q/ Frame 9A40 103 KB
36 KB 33ms
32ms Script
text/javascript 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.zh_CN.kfL0avQhmn0.es5.O/d=1/rs=AOaEmlGyQhRl49nb0jgQjoGxcR3pHp3x3Q/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1241d49d2e8af6ca0cc6489c640ee0fcfe24cbbeb5b6e7452361c750795df09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 08:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36194
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 02:40:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Jul 2024 08:14:51 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 9A40 2 KB
917 B 70ms
70ms Other
text/html 2404:6800:4017:805::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:805::200d , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2033a5bde77f79d3b830b0afd5d8737e654db778ca0ee56d5e0a927261255545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 9A40 49 B
374 B 34ms
33ms XHR
application/json 2404:6800:4017:805::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.zh_CN.kfL0avQhmn0.es5.O/d=1/rs=AOaEmlGyQhRl49nb0jgQjoGxcR3pHp3x3Q/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:805::200d , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ixNqOUIWU27fyeAcfR1g1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-ixNqOUIWU27fyeAcfR1g1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 10:25:18 GMT
content-encoding: gzip
age: 2573
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 11 Jul 2023 11:25:18 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 158F 1 KB
1 KB 611ms
247ms Script
application/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=thestandardph&thread_id=9760734514&referer=&tc=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

f5cf395888d15d8ef490feed69ad59e30626e3598ea946f5f2deccc3905257c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
X-Frame-Options: DENY
Vary: Accept-Encoding, Cookie
Content-Type: application/javascript
transfer-encoding: chunked
Cache-Control: no-cache
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 158F 43 B
339 B 242ms
242ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=1243&event=init_embed&thread=9760734514&forum=thestandardph&forum_id=3782542&imp=8d1d8as2dbov8l&prev_imp&thread_slug=httpsmanilastandardnettech314346382how_crypto_phishers_steal_crypto_walletshtml&user_type=anon&referrer=&theme=next&dnt=0&tracking_enabled=1&experiment=prebidbidisrequired&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.8/ Frame 70B8 121 KB
35 KB 188ms
187ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e98d1974691c07006329aa5a3f39fe78ffafae80fd4e364c09bc85b42a43d5eb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 83ab40239b11e32cffeba9294e53c0fe.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LAX50-P1
age: 266372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34940
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Sat, 08 Jul 2023 09:07:28 GMT
server: AmazonS3
x-timer: S1689073692.595435,VS0,VE0
etag: "0e218718a80b02c419e542f0b6c8740f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: XzQ8r6ELzsFR4hOCZDdquZSvi8U3d7uYP4QLBpQpzO4PqQ461nh83g==
x-cache-hits: 5967

GET
H2 200 userx.20230709-18-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 70B8 17 KB
6 KB 198ms
198ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230709-18-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c393ae264be2c895ae0a808f0b457afab85feb56de3915943b975b7017ba5226

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: pEtBvKYtWma_LxhaVVU6bFW..dWeWKER
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jul 2023 11:08:11 GMT
x-amz-request-id: FA5KF0DR3QTBDQ4D
age: 83175
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5399
x-amz-id-2: 9auw5XGTnOdAqqzZQKzUgiLkiObX1NFhaweIxMW7eKzsPCO3cN6J9P/yQbcRtKkARxJXsIT4W88=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Mon, 10 Jul 2023 12:01:55 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689073692.595362,VS0,VE0
etag: "fefc6ba969edcc6f65f74b9c007fc9b9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 10
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 8123

GET
H2 204 abtests
sg-trc-events.taboola.com/disqus-thestandardph/log/3/ Frame 70B8 0
363 B 17ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/disqus-thestandardph/log/3/abtests?route=HK:SG:V&lti=deflated&ri=5f39bea9857edcd8152540b910366b76&sd=v2_146ca5c01fc1b7620f476edf133196ee_8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a_1689073690_1689073690_CNawjgYQ295FGPDPjKWUMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaID5nOTn69f49gFwAQ&ui=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&pi=/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html&wi=-7644030077486220903&pt=text&vi=1689073690608&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1689073691491%7D&tim=11%3A08%3A11.491&id=5995&llvl=2&cv=20230709-18-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 11 Jul 2023 11:08:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 15 KB
16 KB 215ms
215ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 786ba42fe37c22ff6786070c5c37bf1782f29e826cb4ce4a7267a6b1a1c90f96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 2720952
edge-cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 61
expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cbssports.com/
content-length: 15310
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100082-IAD, cache-iad-kiad7000104-IAD, cache-sna10726-LGB, cache-iad-kcgs7200071-IAD, cache-bur-kbur8200024-BUR
last-modified: Mon, 05 Jun 2023 05:10:31 GMT
server: nginx
x-timer: S1689073692.606031,VS0,VE1
etag: "997f80376daef625368578246513047e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2135, 1

GET
H2 200 3c341345ba5875d5f222bc750fcf7ac5.jpeg
images.taboola.com/taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_1012,y_848/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 31 KB
32 KB 212ms
212ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_1012,y_848/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c341345ba5875d5f222bc750fcf7ac5.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 76d84718b6dc9d6ee2ff92b1cc74ebf5dbaf03964d17644a6fa559d67e459e4d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_1012,y_848/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c341345ba5875d5f222bc750fcf7ac5.jpeg
age: 1214600
edge-cache-tag: 322768405000567082953050292928772991192,365657343191364798085364012609441573418,29ecf9b93bbf306179626feeda1fab70
cache-tag: 322768405000567082953050292928772991192,365657343191364798085364012609441573418,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 680
req-referer: https://weather.com/
content-length: 32120
x-request-id: 8e1136044434eb422c32784df3dc9d01
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100145-IAD, cache-iad-kjyo7100123-IAD, cache-sna10732-LGB, cache-iad-kiad7000159-IAD, cache-bur-kbur8200024-BUR
last-modified: Tue, 27 Jun 2023 08:47:01 GMT
server: nginx
x-timer: S1689073692.609934,VS0,VE1
etag: "e1be068020c4df7a23357b4aa9645037"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 a951617639ddc6fcb14aab27baa723c6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 8 KB
8 KB 246ms
246ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a951617639ddc6fcb14aab27baa723c6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc050af21f6b85119f68ad7b7938f52ad1dc24fe4a30830f7ded6a92a7a5abe9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a951617639ddc6fcb14aab27baa723c6.jpg
age: 1979683
edge-cache-tag: 385129906159746016674694171421741351400,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 385129906159746016674694171421741351400,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 322
req-referer: https://f1i.com/
content-length: 7882
x-request-id: d56dc9022c7b90d2f254f819ed22c8d5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kcgs7200043-IAD, cache-chi-kigq8000045-CHI, cache-iad-kcgs7200070-IAD, cache-bur-kbur8200024-BUR
last-modified: Wed, 24 May 2023 23:02:56 GMT
server: nginx
x-timer: S1689073692.611867,VS0,VE1
etag: "001538b98df64b72d33ac2423a5e1034"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 15, 1

GET
H2 200 8d808214e030fb1f6a741cdf8967304d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 10 KB
11 KB 238ms
238ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d808214e030fb1f6a741cdf8967304d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ada0f7945a338645894de9cb0295f6f9031e87eb957eb0c2f25f773c1848bfe8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d808214e030fb1f6a741cdf8967304d.jpg
age: 1025182
edge-cache-tag: 544354803313057506544165845588380399705,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 544354803313057506544165845588380399705,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 216
expiration: expiry-date="Sat, 22 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://worldisraelnews.com/
content-length: 10014
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000088-IAD, cache-iad-kjyo7100090-IAD, cache-chi-klot8100132-CHI, cache-iad-kcgs7200030-IAD, cache-bur-kbur8200024-BUR
last-modified: Wed, 21 Jun 2023 13:57:05 GMT
server: nginx
x-timer: S1689073692.612128,VS0,VE1
etag: "fae80a6cf18cdfe923af7a1be0fe487e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 25, 1

GET
H2 200 8460001de32f50d315736644a5e25d29.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 13 KB
13 KB 255ms
255ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8460001de32f50d315736644a5e25d29.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b75d2577cd88096501b503e07a4e30813204e28dad2a968693ccb05f7c2231b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8460001de32f50d315736644a5e25d29.png
age: 1603505
edge-cache-tag: 496901813420037405248542302275761375555,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 496901813420037405248542302275761375555,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 83
req-referer: https://fr.allfont.net/
content-length: 12826
x-request-id: 3ebb69ae83555a3ab24a00b310ee9940
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000117-IAD, cache-iad-kiad7000154-IAD, cache-chi-klot8100154-CHI, cache-iad-kjyo7100040-IAD, cache-bur-kbur8200024-BUR
last-modified: Mon, 05 Jun 2023 21:08:04 GMT
server: nginx
x-timer: S1689073692.612405,VS0,VE1
etag: "ac4e52a748b077c5018e8598d5aa25b1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2, 1

GET
H2 200 intro-1536679039.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thelist.com/img/gallery/how-marriages-have-changed-over-the-last-100-years/ Frame 70B8 8 KB
8 KB 259ms
258ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thelist.com/img/gallery/how-marriages-have-changed-over-the-last-100-years/intro-1536679039.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc94cdb615afa42fd7a8eb13d13a54841e9f722da84de4719a635ec9cf007cdd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thelist.com/img/gallery/how-marriages-have-changed-over-the-last-100-years/intro-1536679039.jpg
age: 2225632
edge-cache-tag: 368454373783163995483841688545385623733,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 368454373783163995483841688545385623733,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 207
expiration: expiry-date="Fri, 30 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 7694
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000141-IAD, cache-iad-kiad7000139-IAD, cache-lga21939-LGA, cache-iad-kjyo7100168-IAD, cache-bur-kbur8200024-BUR
last-modified: Tue, 30 May 2023 09:14:15 GMT
server: nginx
x-timer: S1689073692.613627,VS0,VE1
etag: "37216e344edc42dcee35918fcc7d274b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 380, 1

GET
H2 206 fvd1fqse8az2zutj8sqi.mp4
cdn.taboola.com/libtrc/static/video/v1681415807/ Frame 70B8 1 MB
1 MB 259ms
259ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1681415807/fvd1fqse8az2zutj8sqi.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: 4NgP.hUqbgVSirIscmv_hB.E9jJeusbX
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish
x-amz-request-id: XNK27EVZ5ESBXG88
age: 156
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1133441/1133442
x-amz-replication-status: COMPLETED
Content-Length: 1133442
x-amz-id-2: NcGqoV1CIi4fI1zihHFBhX9jURRHZQf/fFJl1k9tKhamVw0HQy9r+P0hgmxUA/7CgZlwVUWTfrw=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Thu, 13 Apr 2023 19:56:56 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689073692.613920,VS0,VE1
etag: "5cdc25693b01a36bfabe5203c9f55c70"
content-type: video/mp4;codecs=avc1
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
64ms Image
text/html 2404:6800:4017:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=3655052158917218&bg=!LyylLHjNAAb90kgr3dI7ADkAdvg8Wj5xLnPXfaDUDpztsWY8qHppBOHdXMKOFHuFJXHVIKPUkVRkhZW4ACrPxnhFaQt5hQx1Y6ECAAAASVIAAAAGaAEHCgCsv47fsDh2THLX6rEO4Rg2kvlEM82ybK-9RjgmAlgxnrcadQuGzipOZL5GoJK-x9gIZTpQ7jZtQeT9tGB6efh5dxnDX86cHiqHtdzxAkHVWYj3N3teMkUgJ60UVZSfKz2Fk3PaGLnkXmVgSaYosUB4nsh3npvjuKm9D3Qm_NIanhpYdWsB3D6adBFVIgvz1lk9g4bRj2g5c6vdSfGRdHjdQK8aus1gB9Rrqc5we5kCrt-J7ql5uOpjg_0IIG6FXgpDWuzYuPZnvpvSDfFUAvrUcHm-UWLFlx6Rg-GjHYlAo6maDWqOmpEZ8bcLPCZ6J0ImjdHxfoIpFFpYfsUvaja0nVed83D1Y9N2rq24WFz4RgUmphdHNZrJ_hJM0rD1LI_iKfpHpY531SuO08RtyfhVDh8-PKE9ssJHdgzeZo2I91Ug4ak9mDGGSb7YOH9BHUjkJEMCZWe76SGV69mgXXuKsamoYLiu_icx_n5IGlAaTy_z98s6uHsIEOafLD1PohDxb2G7w3awc92vim59spx2F2BWANwejLLKAct79wByDlkSecTBjRtXVfRYLGfDzxI5zY3_UdG4O9vs8b1D3VPKdp4kFrX-Tfj3VwycHmqAehGosWcgNUoc-b0cqNg9FPQHkGToMcs7LyO4VeMX-a1NgD1qEwNR-5IUicyyDeYtfosorxjwmYE-yoRMYxIatV22rEbPR2kDiyHb1GaNuVA8BqxXyKHgr5yknQ5gIn3ymY5wiOWasN_3X3UKbbHutnSiOibQCDBYW3m3BBCGoZRFNMhEa_mcONhs5WrFHKmO1umvw93hsV4kGSnug9GtUGArNxjFTa5JDzfB0MFKLrUZdNRJ1YIHL6Dug3c5gios0jfnvPEw0J1LXgxklIicu2gXZBpXbFqjEglQAfFciLKYxU9dg8HSvYS9lMUEM6Ob6f-eUw5gN5pjIQiDVFvejrFKISmBj_DzTeoe3JMRNMPPWqIVvdokf1ciU3tu2BfpSKqOtioUXUjgr9oeekaYl0E9NH6PR2VCCP3LInad-UYsKPzSI6bZoCaHK8AWWYEIJA_EB4pgf2P3EGBJufCFeL3c9KO99ynG5EsFZ6c5cVbkVfToFuLMcNYTNbBHR3XVZUMSocVsgOijc3rxF6Cu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4017:800::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 786ba42fe37c22ff6786070c5c37bf1782f29e826cb4ce4a7267a6b1a1c90f96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 2720952
edge-cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 61
expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cbssports.com/
content-length: 15310
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100082-IAD, cache-iad-kiad7000104-IAD, cache-sna10726-LGB, cache-iad-kcgs7200071-IAD, cache-bur-kbur8200024-BUR
last-modified: Mon, 05 Jun 2023 05:10:31 GMT
server: nginx
x-timer: S1689073692.831759,VS0,VE0
etag: "997f80376daef625368578246513047e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2135, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_1012,y_848/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c341345ba5875d5f222bc750fcf7ac5.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 76d84718b6dc9d6ee2ff92b1cc74ebf5dbaf03964d17644a6fa559d67e459e4d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_1012,y_848/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c341345ba5875d5f222bc750fcf7ac5.jpeg
age: 1214600
edge-cache-tag: 322768405000567082953050292928772991192,365657343191364798085364012609441573418,29ecf9b93bbf306179626feeda1fab70
cache-tag: 322768405000567082953050292928772991192,365657343191364798085364012609441573418,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 680
req-referer: https://weather.com/
content-length: 32120
x-request-id: 8e1136044434eb422c32784df3dc9d01
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100145-IAD, cache-iad-kjyo7100123-IAD, cache-sna10732-LGB, cache-iad-kiad7000159-IAD, cache-bur-kbur8200024-BUR
last-modified: Tue, 27 Jun 2023 08:47:01 GMT
server: nginx
x-timer: S1689073692.848257,VS0,VE0
etag: "e1be068020c4df7a23357b4aa9645037"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
H2 200 a951617639ddc6fcb14aab27baa723c6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 8 KB
9 KB 397ms
397ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a951617639ddc6fcb14aab27baa723c6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc050af21f6b85119f68ad7b7938f52ad1dc24fe4a30830f7ded6a92a7a5abe9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a951617639ddc6fcb14aab27baa723c6.jpg
age: 1979683
edge-cache-tag: 385129906159746016674694171421741351400,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 385129906159746016674694171421741351400,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 322
req-referer: https://f1i.com/
content-length: 7882
x-request-id: d56dc9022c7b90d2f254f819ed22c8d5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kcgs7200043-IAD, cache-chi-kigq8000045-CHI, cache-iad-kcgs7200070-IAD, cache-bur-kbur8200024-BUR
last-modified: Wed, 24 May 2023 23:02:56 GMT
server: nginx
x-timer: S1689073692.864899,VS0,VE0
etag: "001538b98df64b72d33ac2423a5e1034"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 15, 2

GET
H2 200 8d808214e030fb1f6a741cdf8967304d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 10 KB
10 KB 397ms
397ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d808214e030fb1f6a741cdf8967304d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ada0f7945a338645894de9cb0295f6f9031e87eb957eb0c2f25f773c1848bfe8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d808214e030fb1f6a741cdf8967304d.jpg
age: 1025182
edge-cache-tag: 544354803313057506544165845588380399705,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 544354803313057506544165845588380399705,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 216
expiration: expiry-date="Sat, 22 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://worldisraelnews.com/
content-length: 10014
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000088-IAD, cache-iad-kjyo7100090-IAD, cache-chi-klot8100132-CHI, cache-iad-kcgs7200030-IAD, cache-bur-kbur8200024-BUR
last-modified: Wed, 21 Jun 2023 13:57:05 GMT
server: nginx
x-timer: S1689073692.865042,VS0,VE0
etag: "fae80a6cf18cdfe923af7a1be0fe487e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 25, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8460001de32f50d315736644a5e25d29.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b75d2577cd88096501b503e07a4e30813204e28dad2a968693ccb05f7c2231b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 11 Jul 2023 11:08:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8460001de32f50d315736644a5e25d29.png
age: 1603505
edge-cache-tag: 496901813420037405248542302275761375555,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 496901813420037405248542302275761375555,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 83
req-referer: https://fr.allfont.net/
content-length: 12826
x-request-id: 3ebb69ae83555a3ab24a00b310ee9940
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000117-IAD, cache-iad-kiad7000154-IAD, cache-chi-klot8100154-CHI, cache-iad-kjyo7100040-IAD, cache-bur-kbur8200024-BUR
last-modified: Mon, 05 Jun 2023 21:08:04 GMT
server: nginx
x-timer: S1689073692.881637,VS0,VE0
etag: "ac4e52a748b077c5018e8598d5aa25b1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2, 2

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 243ms
243ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8d1d8as2dbov8l&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=thestandardph&zone=thread&version=3c00c65811f2cec80a8903c739975872&page_url=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=3782542

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame DC28 743 B
1 KB 655ms
459ms Document
text/html 13.32.127.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8cvin272rsqtdt&pctry=SG&referrer=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&cache_buster=0.858785502315
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.127.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-127-93.per50.r.cloudfront.net
Software: lighttpd/1.4.59 /
Resource Hash: 8185ba013316af651152338bf554fb729d3f1d86a3cdb8545dfe98d664863eda

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-length: 743
content-type: text/html; charset=utf-8
date: Tue, 11 Jul 2023 11:08:12 GMT
server: lighttpd/1.4.59
vary: Cookie
via: 1.1 dcf07d246a661b6ec5620b4c9147d312.cloudfront.net (CloudFront)
x-amz-cf-id: ha3EpS3wAf2lRBqFCeBgUd4EPPI5yrXU7SJBh_ZT-ONDrq5YmMbLSQ==
x-amz-cf-pop: PER50-C1
x-cache: Miss from cloudfront

GET
H2 451 sync Show response
pippio.com/api/ Frame 7DDA 0
98 B 228ms
216ms Document
text/plain 107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pippio.com/api/sync?pid=1391&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&it=1&iv=c8cvin272rsqtdt
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 11 Jul 2023 11:08:12 GMT
via: 1.1 google

GET
H/1.1

204
No Content

/
io.narrative.io/ Frame 158F
Redirect Chain

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D0%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac8cvin272rsqtdt
https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c8cvin272rsqtdt&gdpr_consent=&puid=39dae610-1fdb-11ee-b54c-d742d1f076ec

0
247 B

6ms
5ms

Image
text/plain

18.136.175.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c8cvin272rsqtdt&gdpr_consent=&puid=39dae610-1fdb-11ee-b54c-d742d1f076ec
Protocol: HTTP/1.1
Server: 18.136.175.78 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-175-78.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:12 GMT
Cache-Control: no-cache
Server: nginx/1.22.1
Connection: keep-alive

Redirect headers

location: https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c8cvin272rsqtdt&gdpr_consent=&puid=39dae610-1fdb-11ee-b54c-d742d1f076ec
date: Tue, 11 Jul 2023 11:08:12 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1

200
OK

/
io.narrative.io/ Frame 158F
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac8cvin272rsqtdt&ret=img&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Df...
https://io.narrative.io/?io.narrative.guid.v2=3994b550-1fdb-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8cvin272rsqtdt&ret=img&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-...

35 B
319 B

4ms
4ms

Image
image/gif

18.136.175.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=3994b550-1fdb-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8cvin272rsqtdt&ret=img&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r
Protocol: HTTP/1.1
Server: 18.136.175.78 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-175-78.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thestandardph&t_u=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&t_d=How%20crypto-phishers%20steal%20crypto%20wallets&t_t=How%20crypto-phishers%20steal%20crypto%20wallets&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:11 GMT
Cache-Control: no-cache
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=3994b550-1fdb-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8cvin272rsqtdt&ret=img&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r
Date: Tue, 11 Jul 2023 11:08:11 GMT
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0

GET
H2 200 st Show response
imprsgmp.taboola.com/ Frame A626 517 B
374 B 531ms
528ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1689073691984&uv=3300&tms=1689073691984&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm&ru=https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c0f121ee-ce95-4d43-b598-10fe7a655dda&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e4bd594de99b4aa8ec06290b0aa857e6b359fdc2b47a212418d70fb4072b4bab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 11 Jul 2023 11:08:12 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-bur-kbur8200024-BUR
x-timer: S1689073692.080316,VS0,VE341

GET
H2 200 st
sg-vid-events.taboola.com/ Frame 70B8 0
43 B 580ms
578ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&cmcv=&pix=31589837&cb=1689073691984&uv=3300&tms=1689073691984&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm&ru=https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1689073688323.5!ts:1689073691984&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:12 GMT
content-length: 0
server: nginx

GET
H2 200 sync Show response
sg-match.taboola.com/ Frame 2909 404 B
489 B 9ms
6ms Document
text/html 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8cd39abf3ded77522d5de8a7b00257adca60248fabe28ea7148908d24dff84cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 11 Jul 2023 11:08:11 GMT
machineid: 3301
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
sg-wf.taboola.com/ Frame 70B8 1 KB
786 B 103ms
100ms XHR
application/json 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689073691991&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1533&pt=703636185&tz=0&viewable=true&ddast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1481125&dpubid=224845&abtst=nonrv_vA!ntvc_vB!tbt_unit!ufm&mPre=0.033&cirf=https%3A%2F%2Fmanilastandard.net&en=1&panid=fac3bd15822902beb58721e0cb0b16d53938a8cef298d51faab7e2f79fe12516
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 26ca894b53ec74899a22bcddf9db088ba9d35403bcc9a72cebb50a88c81f6992

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:12 GMT
content-encoding: gzip
server: nginx
machineid: 1304
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://manilastandard.net
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2909
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73

0
257 B

360ms
360ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 173
date: Tue, 11 Jul 2023 11:08:12 GMT
via: 1.1 varnish
x-served-by: cache-bur-kbur8200024-BUR
server: nginx
x-timer: S1689073692.096898,VS0,VE173
x-fastly-to-nlb-rtt: 172251
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2909
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A

0
229 B

5ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2903

Redirect headers

date: Tue, 11 Jul 2023 11:08:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A
content-length: 0

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 2909
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA

0
229 B

4ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2917

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 11 Jul 2023 11:08:12 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.231","key":"ZK04HMCo5sEAAH20FP8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad222"}
X-SO-Key: ZK04HMCo5sEAAH20FP8AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad222
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA
Cache-Control: private
X-SO-HostName: m-ad222.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-IP: 103.254.153.231

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/33_0_0/infra/ Frame 70B8 772 KB
133 KB 543ms
181ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_0/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9352ee17d1b033923f7498f10a8bbd9f6d374090321e3ffb9774983913018dd8

Request headers

Referer
Origin: https://manilastandard.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1688980049
date: Tue, 11 Jul 2023 11:08:12 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: AR063YB11H4STCCC
age: 62155
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688980050
x-amz-meta-mode: 33188
content-length: 135266
x-amz-id-2: zlnjAWkqo5qCoAhTvSM4UEGHivJ6DMKsmFDfOfTgPRWQf8/k1iOIwaypBHsP4lZYMyZ7z0iVTqA=
x-served-by: cache-sna10751-LGB
last-modified: Mon, 10 Jul 2023 09:07:31 GMT
server: AmazonS3-br
x-timer: S1689073693.552434,VS0,VE0
etag: "fc2b9d0b1c200256a0b904a6370dc8ab"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1115

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_0/assets/css/ Frame 70B8 61 KB
8 KB 187ms
187ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a278d9459c8a7c717423ad4989df1b5097095b847a9c1a4549d1cd5dac3aca15

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1688980112
date: Tue, 11 Jul 2023 11:08:12 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: ZZGDMK2NZF0A1X0N
age: 93390
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688980112
x-amz-meta-mode: 33188
content-length: 7934
x-amz-id-2: D3CqXP8rub9T6yZCLc0xT3LQlJt/iFDfwku87WEQsfAJ/K/pHKZdZr8n7L2SGWLIwmbyfqOaE5Q=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Mon, 10 Jul 2023 09:08:34 GMT
server: AmazonS3-br
x-timer: S1689073692.188477,VS0,VE0
etag: "7d5846b7fa6c83e210775caa76d96cb7"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4301

POST
H2 204 bulk Show response
trc.taboola.com/disqus-thestandardph/log/3/ Frame 70B8 0
254 B 365ms
364ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-thestandardph/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 178
date: Tue, 11 Jul 2023 11:08:12 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 171069
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bur-kbur8200024-BUR
pragma: no-cache
server: nginx
x-timer: S1689073693.602086,VS0,VE178
content-type: image/gif
access-control-allow-origin: https://manilastandard.net
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame A626
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-l67efkVE2uHL0pCDyXATJn47fBz9S0hq~A&gdpr_in_effect=0

0
229 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-l67efkVE2uHL0pCDyXATJn47fBz9S0hq~A&gdpr_in_effect=0
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1689073691984&uv=3300&tms=1689073691984&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm&ru=https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c0f121ee-ce95-4d43-b598-10fe7a655dda&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imprsgmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 4516

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-l67efkVE2uHL0pCDyXATJn47fBz9S0hq~A&gdpr_in_effect=0
date: Tue, 11 Jul 2023 11:08:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame A626
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=70&user_id=8269748334659375202&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c57b8eb2-e1c9-47a2-9873-97ccf7106a21&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
229 B

16ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c57b8eb2-e1c9-47a2-9873-97ccf7106a21&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1689073691984&uv=3300&tms=1689073691984&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm&ru=https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c0f121ee-ce95-4d43-b598-10fe7a655dda&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imprsgmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6567

Redirect headers

Location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c57b8eb2-e1c9-47a2-9873-97ccf7106a21&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Tue, 11 Jul 2023 11:08:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DF4C 281 B
554 B 49ms
3ms Document
text/html 23.53.160.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1689073691984&uv=3300&tms=1689073691984&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm&ru=https://manilastandard.net/tech/314346382/how-crypto-phishers-steal-crypto-wallets.html?utm_source=facebook&utm_medium=social&utm_campaign=apac_PRpost_ab0218&utm_content=link&utm_term=apac_facebook_organic_218dddepibkx73r&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c0f121ee-ce95-4d43-b598-10fe7a655dda&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.160.230 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-230.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprsgmp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 Jul 2023 11:08:12 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DF4C 34 KB
10 KB 4ms
3ms Script
text/html 23.53.160.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.160.230 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-230.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0af62ad2d6b087928deebb44ad550d485617ea9350362fdfc4b7ce239f88b419

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 10:15:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83235
Connection: keep-alive
Content-Length: 10153
Expires: Wed, 12 Jul 2023 10:15:27 GMT

GET

pixel
live.rezync.com/ Frame DC28
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1689073692.4575658
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID%2526cache_b...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=2524573940235033349&cache_buster=1689073692.4575658
https://p.rfihub.com/cm?pub=39342&in=1&userid=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc8cvin272rsqtdt%26_%3D1689073693...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975461768353436235&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc8cvin272rsqtdt%26_%3...

0
0

GET

pixel
live.rezync.com/ Frame DC28
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975461768353436235&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3...

0
0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame DC28
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3181&partner_device_id=b37aa6a8-a27f-4c88-baed-d3ed87dc8989%3A1689073692.457179
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4b9c544f-2dd2-4c84-8b2c-8fa53ade6a8b%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=4b9c544f-2dd2-4c84-8b2c-8fa53ade6a8b%2C%2C

95 B
123 B

53ms
53ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=4b9c544f-2dd2-4c84-8b2c-8fa53ade6a8b%2C%2C

Requested by

Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8cvin272rsqtdt&pctry=SG&referrer=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&cache_buster=0.858785502315

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:12 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76a3488d-5910-4058-9367-cee18d91ab73&ttd_puid=4b9c544f-2dd2-4c84-8b2c-8fa53ade6a8b%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DF4C 284 B
966 B 254ms
6ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 70B8 254 B
772 B 187ms
186ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://manilastandard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 11 Jul 2023 11:08:12 GMT
via: 1.1 varnish
x-amz-request-id: 893CCRMRXHX7EDF5
age: 844
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: bWhduxFaBvL0o78FU0ZptxAz6UnnnlUTluyNSYIa0pU0YklAodhWwFfNfRUu4zEtWoZ6Qw231sU=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1689073693.797894,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 13

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame DF4C
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LJY6V6I0-21-6NDA
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---

0
230 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 10416

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Expires: 0

GET

dcm
aax-eu.amazon-adsystem.com/s/ Frame DF4C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t

0
0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DF4C
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---

0
517 B

264ms
252ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8B2FD5B0E6A54D2D878FCC09CEB6F5BB Ref B: SIN30EDGE0308 Ref C: 2023-07-11T11:08:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYANB15wyiNIVXZDXKShQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJY6V6I0-21-6NDA&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DF4C
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/xi8WteNSBi0JDDRUorUHbcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-d_c83L5E2oLu5E0rsWwbGimAyjFH8IAOTpFX5Q--~A

42 B
723 B

15ms
6ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-d_c83L5E2oLu5E0rsWwbGimAyjFH8IAOTpFX5Q--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 11 Jul 2023 11:08:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-d_c83L5E2oLu5E0rsWwbGimAyjFH8IAOTpFX5Q--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DF4C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOD2DZY0H8DQAx806z-wB04&google_cver=1

42 B
723 B

5ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOD2DZY0H8DQAx806z-wB04&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOD2DZY0H8DQAx806z-wB04&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

dcm
s.amazon-adsystem.com/ Frame DF4C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF4C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpZNlY2STAtMjEtNk5EQQ==&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEHPlYdbBJsIpcNsuJn7ht1o&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZNlY2STAtMjEtNk5EQQ==&google_push=&gdpr=0

170 B
188 B

64ms
63ms

Image
image/png

142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZNlY2STAtMjEtNk5EQQ==&google_push=&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZNlY2STAtMjEtNk5EQQ==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF4C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjEzMzk1NGY0MGYxMWU3YmU1YzBiZmVlMTNkZWNmMjI1NmExNGRmNg&gdpr=0&us_privacy=1---

170 B
232 B

65ms
65ms

Image
image/png

142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjEzMzk1NGY0MGYxMWU3YmU1YzBiZmVlMTNkZWNmMjI1NmExNGRmNg&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjEzMzk1NGY0MGYxMWU3YmU1YzBiZmVlMTNkZWNmMjI1NmExNGRmNg&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DF4C
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=76a3488d-5910-4058-9367-cee18d91ab73&gdpr=0&gdpr_consent=&expires=30

42 B
723 B

22ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=76a3488d-5910-4058-9367-cee18d91ab73&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=76a3488d-5910-4058-9367-cee18d91ab73&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2 200 sync Show response
sg-match.taboola.com/ Frame AFC2 674 B
759 B 5ms
5ms Document
text/html 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 11 Jul 2023 11:08:13 GMT
machineid: 3301
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 70B8 89 KB
89 KB 189ms
186ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Tue, 11 Jul 2023 11:08:13 GMT
via: 1.1 ab8cfade51df87f6bc68307386d89768.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LAX50-P1
age: 2429361
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1689073693.265442,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: alPqiGRlWKJ_c5NtBghx9DWmoXWURZpaaA1fnCFjfdwoRI7SXKAA2A==
x-cache-hits: 265868

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.3/ Frame 70B8 444 KB
83 KB 189ms
188ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d87c2fedac29b7103d7b6b3cba3f23547ae3fdb319eded5937d23c10154dacc1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1688806868
date: Tue, 11 Jul 2023 11:08:13 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DXBZ30NMWCSYR3R7
age: 266750
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688806881
x-amz-meta-mode: 33188
content-length: 84969
x-amz-id-2: /I+OteZBtKdx4qHZh8NqiTWHXU1DDXuq5hszbR66zERcpZyu6/tj2YsIx92ZyDGEUifaoPnaglw=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Sat, 08 Jul 2023 09:01:22 GMT
server: AmazonS3-br
x-timer: S1689073693.271640,VS0,VE0
etag: "495314d071af2f9ae6f90cb9bdb64cd6"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 57207

GET

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame AFC2
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola

0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 916D 281 B
554 B 4ms
3ms Document
text/html 23.53.160.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.160.230 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-230.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sg-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 Jul 2023 11:08:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

/ Show response
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 47B4
Redirect Chain

https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9

0
230 B

4ms
4ms

Document
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8C68CLAaEfsfjOLQBvxEI_Y7HcWgDfisAAABgYED8AMkYZo7JYuVya1zO1Vo0Mm3WEtdyuFYMZi7fwrZajUwOIyAZw8wxWaxcbo3LuVqLRqbNWuJaDteKwczlW9hWq5HJ4QZraDodPte9Xu2wO80Oz-lhNzksJ7vcZfqLXh6jX7MYbUazzXCyF_p9b43leTj93YKj03N0WT5vzenlMLs1lufh9HfrHmazy_S5C01vs391evs7f9fl43LPHB6Xxe_32gEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AwBwS5mn3OQx_y8sfAAAAAEAAAAAAkAAYcGsqAWCRWXri_________z_GAH3mjYz_____Gww9AB58ADwIAQAAeBiCm65skQuj1Uek4KQIIwAAAABn_pnnRybpBBWLKv____1WAK4AAAQkEo2m_GXRHZR4CwMAADAwZoEeFr_f7LBr_G6X-f________8383_mH83PqStFGqFnVHs1v4AAAGt-AQEA2KgbAIA3AXCCTgCsTkDMDgAAAMCd____fz0gMZptHK6NYTHzOCa-2WQwM-1mK5PNsdkslrOVy3vYYeTMMRYI8PxM2GK0mkw2y-FsuZgMhqPhaLQ_A7EYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYLBjWlhMeyWa8lutlmLdiOPWzlaGdeylc05WlgszsVutBa9PqaLwzYxORdeJBjgtRfJ0yKdqGae5cTlcA5Xu5XJYzIuVpPVaDBxLgab2Wzim03EEs3JIp3ILvvGaLZxuDaGxczjmPhmk8HMtJutTDbHZrNYzlYuf3FjWlgMu-Vasptt1qLdyONWjlbGtWxlc44WFotzsRutRa-P6eKwTUzOhb8xGy4Hu81sOdg3ZsPlYLeZLQf7Dp3hu_qcjcpyNeMRSoSql9dqcxoULoPF-z1YpNFpZ2f0uQwXi2ps2jkmVqHf7_f7_X6_3-_3bswGj8FgOEmsuZ9Uty1npuXOxnswKmKJ4CKdiJyex-vzFh1dntPDbnJYToajRSxRmi7SiV708hj9msVoM5pthpO90O97ayzPw-nvFhydnqPL8nlrTi-H2a2xPA-nv1v3MJtdps9daHqbLWKJ4HSRTkQv4-mi_qOHGGzmktVorlht5pLNYpUAAAAAAAAAACzBJNNNAAAAAJwMZDIajlbrdBCj4WIxWS0XQMTbli5gEAAAAAAAgGKNPUZBTs_j9XmLji7P6WE3OSwnw9HKAB6cFplt9hlBrNVqWQMAABDABgAAEMBNN94EYDFx_____-MAAADIyKEHAAAgvg8AAAAAAAAAgF9BDIbDyf4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sg-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
date: Tue, 11 Jul 2023 11:08:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 11094

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Tue, 11 Jul 2023 11:08:13 GMT
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 916D 34 KB
10 KB 4ms
4ms Script
text/html 23.53.160.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.160.230 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-230.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0af62ad2d6b087928deebb44ad550d485617ea9350362fdfc4b7ce239f88b419

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 11:08:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 10:15:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83234
Connection: keep-alive
Content-Length: 10153
Expires: Wed, 12 Jul 2023 10:15:27 GMT

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 44CC
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA

0
230 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12744

Redirect headers

Date: Tue, 11 Jul 2023 11:08:13 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.231","key":"ZK04HMCo5sEAAH20FP8AAAAA","privacy_sensitive":false,"uid":"ZK04HMCo5sEAAH20FP8AAAAA","upstream_id":"m-ad222"}
X-SO-Key: ZK04HMCo5sEAAH20FP8AAAAA
X-SO-Upstream-ID: m-ad222
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad222.dc4p.scaleout.jp
X-SO-UID: ZK04HMCo5sEAAH20FP8AAAAA
Connection: keep-alive
Content-Length: 0
X-SO-IP: 103.254.153.231
X-SO-Cluster-ID: 0
Server: nginx
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZK04HMCo5sEAAH20FP8AAAAA
Cache-Control: private
X-SO-Ads-Time: 2
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp

GET su
ih.adscale.de/ Frame 44CC 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 44CC 0
0

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 44CC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA

0
229 B

4ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9125

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJY6V6I0-21-6NDA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 44CC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a?gdpr=0&gdpr_consent=&us_privacy=
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A

0
229 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8311

Redirect headers

date: Tue, 11 Jul 2023 11:08:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2.YgeK5E2oQJZLlNiiWq6vG5cBQQyAwP9Q48hg--~A
content-length: 0

GET taboola
trace.mediago.io/ju/cs/ Frame 44CC 0
0

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 44CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMW7mYrkNjeFLyS4X-2FxRM&google_cver=1

0
71 B

360ms
359ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMW7mYrkNjeFLyS4X-2FxRM&google_cver=1
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 173
date: Tue, 11 Jul 2023 11:08:13 GMT
via: 1.1 varnish
x-served-by: cache-bur-kbur8200024-BUR
server: nginx
x-timer: S1689073694.644788,VS0,VE173
x-fastly-to-nlb-rtt: 172246
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMW7mYrkNjeFLyS4X-2FxRM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 44CC 42 B
245 B 21ms
4ms Image
image/gif 207.65.33.82

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a:$UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.82 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 11 Jul 2023 11:08:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44CC
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a

170 B
188 B

63ms
62ms

Image
image/png

142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a

Protocol

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a
date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 10059

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 44CC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73

0
280 B

356ms
356ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 170
date: Tue, 11 Jul 2023 11:08:13 GMT
via: 1.1 varnish
x-served-by: cache-bur-kbur8200024-BUR
server: nginx
x-timer: S1689073694.587930,VS0,VE170
x-fastly-to-nlb-rtt: 168560
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=76a3488d-5910-4058-9367-cee18d91ab73
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET merge
ce.lijit.com/ Frame 44CC 0
0

GET rtset
bh.contextweb.com/bh/ Frame 44CC 0
0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 44CC 43 B
697 B 198ms
3ms Image
image/gif 23.106.127.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.39 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Jul 2023 11:08:13 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 44CC
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e626290a-07f4-434b-9a46-ab0547ce4adb

0
229 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e626290a-07f4-434b-9a46-ab0547ce4adb
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7608

Redirect headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:12 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e626290a-07f4-434b-9a46-ab0547ce4adb
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 734088
content-length: 0
expires: Tue, 11 Jul 2023 00:00:00 GMT

GET 9.gif
id5-sync.com/s/464/ Frame 44CC 0
0

GET

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 44CC
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola

0
0

GET sync
rtb.mfadsrvr.com/ Frame 44CC 0
0

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 44CC 43 B
106 B 12ms
6ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 11:08:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 44CC
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

7ms
7ms

Image
image/gif

35.71.178.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.178.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 11 Jul 2023 11:08:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 11 Jul 2023 11:08:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET sync
sync.srv.stackadapt.com/ Frame 44CC 0
0

GET sync
t.adx.opera.com/ Frame 44CC 0
0

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 44CC
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9

0
230 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:08:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11506

Redirect headers

date: Tue, 11 Jul 2023 11:08:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=eb95b52b-fe58-4b13-9331-5d88a549b9a9
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 70B8 3 KB
2 KB 190ms
188ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jul 2023 11:08:13 GMT
x-amz-request-id: K5F2B6QCVN4T2TJT
age: 1144
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: EL2i9pMPcivnVWql1HI8kyGGSVLMwXK8pQxh+/Py9ykoNAIwNqwBygSuBfEa4DQg6UJRGCYXT08=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1689073694.582486,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 42
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 336

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ Frame 70B8 121 B
442 B 190ms
188ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jul 2023 11:08:13 GMT
x-amz-request-id: CDYKFK00G4S536WW
age: 2381
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: 5lxipPi4M7Z2tlEsn75zwDETZhxP/ZyciN8ijogbXZGNf0P8SyRXWA1ix/LcbXoXPxjizQNiy7k=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-timer: S1689073694.582487,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 30
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 431

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ Frame 70B8 17 KB
7 KB 189ms
187ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230709-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jul 2023 11:08:13 GMT
x-amz-request-id: AK5QQTHWRK480279
age: 18972
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: uf5mAS9xT/qJrWfVFKrPNWxo2n6ov8uJaP7eU3PAJTwFXIgqBBQ3Z2oE2om3D5in8kgNOIO2SHA=
x-served-by: cache-bur-kbur8200024-BUR
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1689073694.582552,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 29
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 8713

GET
H2 200 / Show response
pips.taboola.com/ Frame 70B8 4 B
124 B 185ms
181ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-sna10751-LGB
date: Tue, 11 Jul 2023 11:08:13 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://manilastandard.net
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET /
cds.taboola.com/ Frame 70B8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: live.rezync.com
URL: https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975461768353436235&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc8cvin272rsqtdt%26_%3D1689073693.6216023

Domain: live.rezync.com
URL: https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975461768353436235&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D1975461768353436235

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t

Domain: sync-dsp.ad-m.asia
URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola

Domain: ih.adscale.de
URL: https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=4

Domain: trace.mediago.io
URL: https://trace.mediago.io/ju/cs/taboola

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=42&3pid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&us_privacy=&gdpr=0&gdpr_consent=

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a

Domain: id5-sync.com
URL: https://id5-sync.com/s/464/9.gif?puid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D

Domain: sync-dsp.ad-m.asia
URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=taboola

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=140

Domain: t.adx.opera.com
URL: https://t.adx.opera.com/sync?vendor=60151&uid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a

Domain: cds.taboola.com
URL: https://cds.taboola.com/?uid=8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a&mbl=ZmFsc2U=

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/disqus-thestandardph/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_146ca5c01fc1b7620f476edf133196ee_8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a_1689073690_1689073690_CNawjgYQ295FGPDPjKWUMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaID5nOTn69f49gFwAQ
kas.pr/	1970-01-20 13:11:14	Name: XSRF-TOKEN Value: eyJpdiI6IitaMXIyRkhUall4K2JoV0g5V3NvRnc9PSIsInZhbHVlIjoiekQ2UGpkU3NqQVkydDdwU1M3bDBvZ3Q2aGNDNUh1NjIxaWk3dGxLZ2g2UHc3MUF1SEw0SEdvXC9tMnYyV1NEVUpaK1hRNWdhVWhaTVhmVG84ZTR5Y2FnVURcL1pcLytEbSt6aWtkSDlaNEZScUFYekVBVThwT2hVVkhRbm9CR2NyY3giLCJtYWMiOiIyMWZlOTMyZGY5YjNhYjc1NjFmMDI2NTViYTM4NGVjMWNmMDg5NTJkZTA2MjRhMzExMDNlZWU4MzRkMmViMzVmIn0%3D
kas.pr/	1970-01-20 13:11:14	Name: laravel_session Value: eyJpdiI6IithR1dcLzRuekRZaEVFNFRTWENGWUl3PT0iLCJ2YWx1ZSI6ImVBNlJTOEVKSGNNa1NTZGk2ZGhUQUVBeGNWTkRuKzJRUlZVeURUQWVCWXJPSDZrMmFtK3Y2ZzhBaStNRitFVU5PYmRzbkY5eURRWWNacjFEWXErQ0R4d0tcL1YxVGF1QXdIdFVKTnBuVmVaeE9ReDFFbllldUg1VEZcLzFVV2w3dEgiLCJtYWMiOiIwZGNjMzk4OTg5YTJmOTAzYTZiODY5ZGQ1YTY5ZjExM2QzODkyMGFiZTkxMDkyYmYxMDkxYWIxNjk2ZmIwMWNjIn0%3D
.kas.pr/	1969-12-31 23:59:59	Name: ClientRouteKasPr Value: 317f69d2429369cbc0ee3f831498ee5d73647e9af31be7075bcbfe347673857d
.manilastandard.net/	1970-01-20 22:47:13	Name: _ga_7YMB3580ZZ Value: GS1.1.1689073687.1.0.1689073687.60.0.0
.manilastandard.net/	1970-01-20 22:47:13	Name: _ga Value: GA1.1.12579241.1689073688
.criteo.com/	1970-01-20 22:32:49	Name: uid Value: e626290a-07f4-434b-9a46-ab0547ce4adb
manilastandard.net/	1970-01-20 13:12:40	Name: pvc_visits[0] Value: 1689160088b314346382
.manilastandard.net/	1970-01-20 22:32:49	Name: cto_bundle Value: yuhX7V9sVkdhTTV6bUJ3T29OJTJGcFVhUFBteGNsUFo3b2lQJTJCOCUyQjZiQ1E3OUwyJTJCVCUyQk04UzRTYkJaUmlCZjIlMkJabHVCWU8lMkZUTEJqZ25wbXFGNWhSQjd6MzdINnVJQTIlMkI1cUxkYjNkbzlidlNBRlJZRUFOJTJGaDN1eHlhd2wlMkZ2NU9JUHhWQ09EZExvTiUyRmdjYmtRJTJCQzE1U3RqRFdxckhhV1AwZmpNQTUlMkJleXpDMGJ6b2JqRSUzRA
.crwdcntrl.net/	1970-01-20 19:40:01	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 19:40:01	Name: _cc_id Value: f333c8a571418985a858c2c13f7696c4
.manilastandard.net/	1970-01-20 19:40:01	Name: _cc_id Value: f333c8a571418985a858c2c13f7696c4
.manilastandard.net/	1970-01-20 13:21:18	Name: panoramaId_expiry Value: 1689678488178
.manilastandard.net/	1970-01-20 13:21:18	Name: panoramaId Value: fac3bd15822902beb58721e0cb0b16d53938a8cef298d51faab7e2f79fe12516
.manilastandard.net/	1970-01-20 13:21:18	Name: panoramaIdType Value: panoIndiv
.openx.net/	1970-01-20 21:56:49	Name: i Value: bf036951-bdde-45b3-bb49-94e660132ee0\|1689073688
.manilastandard.net/	1970-01-20 22:32:49	Name: __gads Value: ID=e53727da0cd51760:T=1689073688:RT=1689073688:S=ALNI_MZyOhzYlfMiV-e2vwkFoYwUumhbAg
.manilastandard.net/	1970-01-20 22:32:49	Name: __gpi Value: UID=00000c1fc73a391b:T=1689073688:RT=1689073688:S=ALNI_MbPlmFkZ_a_Ux97sDX1nwzPGU6Ztg
.openx.net/	1970-01-20 13:32:49	Name: pd Value: v2\|1689073688\|jElYiuvOhI
.adsrvr.org/	1970-01-20 21:58:16	Name: TDID Value: 76a3488d-5910-4058-9367-cee18d91ab73
.openx.net/	1970-01-20 13:32:49	Name: univ_id Value: 537072971\|76a3488d-5910-4058-9367-cee18d91ab73\|1689073688777725
.doubleclick.net/	1970-01-20 22:47:13	Name: IDE Value: AHWqTUmlMkRQixFb-mgmxeKWKxtmg1Ms16B0eFTLkJnBOnxl5OEzaq5zH0K3klF_1zY
.doubleclick.net/	1970-01-20 13:11:17	Name: DSID Value: NO_DATA
.socdm.com/	1970-01-20 22:47:13	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjg5MDczNjg4fQ
.ladsp.com/	1970-01-20 13:11:17	Name: cr Value: 1
.ladsp.com/	1970-01-20 22:47:13	Name: smn_uid Value: GLRBxpHzt4Qn0BOogWY1qA-yJePdXwE
.ladsp.com/	1970-01-20 22:47:13	Name: lum Value: CIrGjKWUMRIFCAMQ0AU
.disqus.com/	1970-01-20 21:56:49	Name: disqus_unique Value: 8cvin272rsqtdt
disqus.com/	1970-01-20 13:11:15	Name: __jid Value: 8d1d8as2dbov8l
.taboola.com/	1970-01-20 21:56:49	Name: t_gid Value: 8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a
manilastandard.net/	1970-01-20 21:56:49	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D8c4ab079-2763-47dc-94e8-6ef94abb9174-tuctba6bd9a
io.narrative.io/	1970-01-20 22:47:13	Name: io.narrative.guid.v2 Value: 3994b550-1fdb-11ee-9c84-0a2d04f6ac5a
.yahoo.com/	1970-01-20 21:57:11	Name: A3 Value: d=AQABBBw4rWQCEJAuON3QYnOocg8QpX-H9GMFEgEBAQGJrmS3ZAAAAAAA_eMAAA&S=AQAAAgY917cXkSnK9_c0MwJ007Q
.socdm.com/	1970-01-20 22:47:13	Name: SOC Value: ZK04HMCo5sEAAH20FP8AAAAA
.analytics.yahoo.com/	1970-01-20 21:56:49	Name: IDSYNC Value: 19cx~2cpn
.rezync.com/	1970-01-20 22:32:49	Name: zync-uuid Value: b37aa6a8-a27f-4c88-baed-d3ed87dc8989:1689073692.457179
live.rezync.com/	1970-01-20 22:32:49	Name: sd-session-id Value: .eJwNyUEOwiAQQNG7zLoYC5UZuExDmTEhUbQMddP07rL7L_-E9SvtnarUDrG3QybIrzKkEE_govsxCjLlX6kWbdO9c4drAhXV8qlr4fE3hyn5RCZZfJolE5ktCRt2woScKVCIs6dwR-eDvS0PnDHA9QfzqSf9.ZK04HA.pRxBIuXFEaLdmB22RJvovrduQWw
.tapad.com/	1970-01-20 14:37:37	Name: TapAd_TS Value: 1689073692623
.tapad.com/	1970-01-20 14:37:37	Name: TapAd_DID Value: 4b9c544f-2dd2-4c84-8b2c-8fa53ade6a8b
.tapad.com/	1970-01-20 14:37:37	Name: TapAd_3WAY_SYNCS Value: 1!4619
.bidswitch.net/	1970-01-20 21:56:49	Name: tuuid Value: c57b8eb2-e1c9-47a2-9873-97ccf7106a21
.bidswitch.net/	1970-01-20 21:56:49	Name: c Value: 1689073692
.bidswitch.net/	1970-01-20 21:56:49	Name: tuuid_lu Value: 1689073692
.rubiconproject.com/	1970-01-20 21:56:49	Name: khaos Value: LJY6V6I0-21-6NDA
.adsrvr.org/	1970-01-20 21:58:16	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiGmrPopIKBPBAFEhYKB3J1Ymljb24SCwjWjezqpIKBPBAFGAEgAigCMgsIhpK2lbuCgTwQBTgBWgV0YXBhZGAC
.adform.net/	1970-01-20 13:55:52	Name: C Value: 1
.rubiconproject.com/	1970-01-20 21:56:49	Name: audit Value: 1\|qktCHkQ2NpC5o1G6nOExpLCa8lHf5nIJmS3ZfaFINhTE50xgAul76bgm39Amn+OJa5En5OFjO/DqFTrNE4+z9k1id1yxWjzFQL6tE+uyZ7k4R0ZTzlIE6sR35sLwbc3o0t4i1Iq21d0=
.adform.net/	1970-01-20 14:37:37	Name: uid Value: 8269748334659375202

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://manilastandard.net/?ajax-request=jnews Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://thestandardph.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://pippio.com/api/sync?pid=1391&ref=https%3A%2F%2Fmanilastandard.net%2Ftech%2F314346382%2Fhow-crypto-phishers-steal-crypto-wallets.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dapac_PRpost_ab0218%26utm_content%3Dlink%26utm_term%3Dapac_facebook_organic_218dddepibkx73r&it=1&iv=c8cvin272rsqtdt Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-7821547671837563&fa=4&ifi=7&uci=a!7&btvi=1&xpc=9UKubVyT8u&p=https%3A//manilastandard.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
accounts.google.com
adservice.google.com
analytics.google.com
apis.google.com
bcp.crwdcntrl.net
bh.contextweb.com
c.disquscdn.com
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
cr-p3.ladsp.com
dis.criteo.com
disqus.com
ea4623aa1fbc00427a66df067b84b892.safeframe.googlesyndication.com
eb2.3lift.com
ecp.yusercontent.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
ih.adscale.de
images.taboola.com
imprsgmp.taboola.com
io.narrative.io
jp-u.openx.net
kas.pr
live.rezync.com
manilastandard.net
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
sg-match.taboola.com
sg-trc-events.taboola.com
sg-vid-events.taboola.com
sg-wf.taboola.com
simage2.pubmatic.com
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
tags.crwdcntrl.net
tempest.services.disqus.com
tg.socdm.com
thestandardph.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
vidstatb.taboola.com
www.facebook.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
bh.contextweb.com
cds.taboola.com
ce.lijit.com
id5-sync.com
ih.adscale.de
live.rezync.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
ssbsync.smartadserver.com
sync-dsp.ad-m.asia
sync.srv.stackadapt.com
t.adx.opera.com
trace.mediago.io
107.178.254.65
13.228.126.19
13.32.127.59
13.32.127.93
141.226.229.48
142.251.220.226
151.101.129.44
151.101.193.229
151.101.193.44
151.101.64.134
162.19.138.118
18.136.175.78
182.161.73.136
182.161.73.146
185.84.60.29
185.85.15.34
199.232.196.134
199.232.196.64
202.241.208.52
207.65.33.82
23.106.127.39
23.53.160.230
2404:6800:4003:c00::9a
2404:6800:4003:c05::61
2404:6800:4003:c0f::5f
2404:6800:4003:c0f::84
2404:6800:4017:800::2001
2404:6800:4017:800::2002
2404:6800:4017:802::2001
2404:6800:4017:802::2002
2404:6800:4017:803::2003
2404:6800:4017:803::2004
2404:6800:4017:803::200e
2404:6800:4017:804::2002
2404:6800:4017:804::2003
2404:6800:4017:805::2002
2404:6800:4017:805::200d
2404:6800:4017:805::200e
2406:2000:98:804::3000
2406:2600:7:100::1
2406:2600:7:100::9
2406:da18:929:5a03:6501:163c:2f11:2df9
2600:9000:2084:4000:6:8656:f5c0:93a1
2600:9000:223b:fc00:a:e047:753:be1
2606:4700:10::ac43:266a
2606:4700:3035::6815:5efb
2620:1ec:21::14
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
34.102.146.192
34.111.113.62
34.120.135.53
34.247.143.248
35.213.12.39
35.244.159.8
35.71.131.137
35.71.178.8
54.179.25.195
54.192.150.110
69.173.151.100
69.173.158.64
009f125d9969e0f3882a4132f2ef6f67ae95cf3f4c0ad88cfdfda9f33e49644a
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
02d3cc9d6f4313b616281d72c155ee4f8c1d5e5b3fa7ecb1023c6cc2ab16aa32
02da548af92a70dd132fb15ae5529ff83f7fd832cf3f7a45a4c8343cc3b1d44d
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
05f2884caa7dc429a87e2930236f7a30a34750723c0c3abd1c4a97f93093f86a
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
0998c67d7ab2394a2223299e4371481a4620fe997945c0c03f72ab716989a835
0af62ad2d6b087928deebb44ad550d485617ea9350362fdfc4b7ce239f88b419
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0966cfd51c57ef6c213b1ec5bcc82a3abe350f9ace2632ce6418837e9c0c48
0efb4ac8cbc76073c40311e7da442abac29db40f56ba9f8f1acd0d8d1119e87d
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
123d292c62dc7d5cb5ea4b726cd4c85ea5ca98a2e42cad1aecc64b7019c7432f
12475fdd5d48640d7ad60670a2342f02cf560b8cd977cf8e7e624e6a22576f82
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
14b4acd7dad1f0b6ddf02809d49f2262f5f76ecdc26ce20884bac52e0b99342f
159cb86d8dbba60fdc7d88ec7dc8375a964e0d253a857fcb3a22bd51a4fa6f01
171f620f6a522f773d9c34939859566bb18192021eade1801bca6f6837971520
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81
2033a5bde77f79d3b830b0afd5d8737e654db778ca0ee56d5e0a927261255545
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26751c8bb34e5e0e830f8e57f8f3f843ba4e7f3951fffcd4626b027f2f82c7b8
26ca894b53ec74899a22bcddf9db088ba9d35403bcc9a72cebb50a88c81f6992
28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32011d788c00421face369de4aab7fb0b93b020bd61474d1a3deee3272c82dc0
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
35ec5cdf7832d22366300f45f5b296d2c5a4ae7e507a0760d2c7a539c138c0fc
370870752701110a3b786e01042da739d8fae427aa8a46c3b2b233587f0d8ac4
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
417412fab0fb1f36d3771b208b38a4342dcef4f9c2fdd9287d7bd7e51d63bd74
45f9524e2b8183b9f93df7cbc301ba05f03dd4047dc4482de3eced1f61af8ff2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47c0fdc683768eec072172fcbafca5d4fed05896d8703ca31a6644381a6549d3
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a5566a499a0f62b47373450a2eeac6214ce7448937efc6c3ae543f14e63b2df
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
52c96c26a60020129df5270c7684da43450cfc8a3caf4c0b54d2d3d82c857126
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5be96c62d1f3004c4d4fd00d8d9892ca74d41d720ab629a1e9864e28bb63fbe4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6392f534bd48c7a1bff5a562a8bad25235244cd256849e218c44d5a7bf7c052b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66ee6c589382813970064be808cc234d706233bdace425e13218c50ce995d4f9
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
73eff7a5aa229193a1f6255c29130984d857447a1accb89667e53d883aefb90e
76d84718b6dc9d6ee2ff92b1cc74ebf5dbaf03964d17644a6fa559d67e459e4d
786ba42fe37c22ff6786070c5c37bf1782f29e826cb4ce4a7267a6b1a1c90f96
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
8185ba013316af651152338bf554fb729d3f1d86a3cdb8545dfe98d664863eda
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
819b2cc873a2e72c4d9d0d546aa0e0f310a782375e174348d32c9256eff91e64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8955564991d0c68c27f319d073fb417247be127bde854a32c714c62a5cc71690
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd39abf3ded77522d5de8a7b00257adca60248fabe28ea7148908d24dff84cd
8d6f9a64816ed389a494d2fc7ebe73af9031d9a513625e582bf4c3a3de123c14
8e855d9e6f5f92d817bd3949ded0debcb80d184b19b349279085724f8bc2d520
8f70fccf4e42cdd1bb1c710d1e21ab32efbb07e042ebb1fbc085456f9e1929b1
9081319f88452046a6e53e84f199761ef783983ba456f9362a2493e1278cb96a
918b064a56a07a9515714c34770a190fd7b2ba88289814c6edcfc28c2461b91e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9352ee17d1b033923f7498f10a8bbd9f6d374090321e3ffb9774983913018dd8
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99153ceee48d4f50a6313e8a839fff4f277de97fffa0846255f2667c3f5ae239
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9eae45081f842d49d56d697729af8670d13263c77315b961f4fb70573092fc4f
a1241d49d2e8af6ca0cc6489c640ee0fcfe24cbbeb5b6e7452361c750795df09
a278d9459c8a7c717423ad4989df1b5097095b847a9c1a4549d1cd5dac3aca15
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a85ef6aa5e0512bdd5835bb4d2f753215bc6422cd57260d32f64a0158f5c9454
a9374de123126424cc9576c36c508f12954bb9c1da8a23d035bf8a0131f7113f
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ada0f7945a338645894de9cb0295f6f9031e87eb957eb0c2f25f773c1848bfe8
adce9367fc6d28d7e748532f79c0a66007fea4a9169e93f674fc55327cdb9918
ae05b8f9cd0f5597f74764396a6e173dccbea0204340a1dc1ce1a5faf1277612
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b089590c437316f3b53a6ea8abd412e6f4f6677b316592ebc7e2c033e4442348
b08dbe7fc6744e613d23468470d9aa59ab0fa0fb53c4587ef84f6c65a6f0ced8
b112bc72ac7ba4479e43c603a4a0c60f5a1a9f3f215119c65d90ea11f0c3e787
b52f068e4f0896a47cc1402f3417df031040d96324b64a163bb63cfc7d4fd08d
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
b6cf40195f73f471ce1dfe84ca3b389c9eb8f46dacf76e1e2d63f5427d6c58a4
b75d2577cd88096501b503e07a4e30813204e28dad2a968693ccb05f7c2231b9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c30f8933e695a2f6a782b54f0bec3ee4044b205b149ec6b60faff14966562486
c393ae264be2c895ae0a808f0b457afab85feb56de3915943b975b7017ba5226
c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd
c517c83a9b04320c95fc1d275a35d262067c47910921f0835498311952393c6a
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c639fdc87ae6f3ceebc57af081c0792a2bd7f49c22ffe5d27899ac4bf825b1cf
cad3e00e1a59cc6975f8d7d3c8721145d60c19b9a70171a98bcf2a55a033b184
cbc0d8932b192ccbbe736cd2cf378762886587a8cadb021aff9878f8d63313b9
cbda2f722018b322d309f8392f0d2112a9b8b265c93705d3bc26cac47958727d
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23fd6a13b657ba55789f4a8b098f72d86e253917a83af15a2e4e6ed23a9e5c9
d87c2fedac29b7103d7b6b3cba3f23547ae3fdb319eded5937d23c10154dacc1
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984
dbe3183f2153d77db47d962b3bfd36cb1e54694ec78ffc19425637a5146b434d
dc050af21f6b85119f68ad7b7938f52ad1dc24fe4a30830f7ded6a92a7a5abe9
dc94cdb615afa42fd7a8eb13d13a54841e9f722da84de4719a635ec9cf007cdd
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd7f6a2d10f7be5395cd5d30fb4c13c1a94111a51d093183c6bd8ff2eed612c3
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018
e13f289b75979ed6c3eaad910506e43dc36308caa1d486d2029e1ac3f778a0c6
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e225b87b0c526d17c34ac378c5f38d4e704ed042c82c460c8b0521a22b11a5e7
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
e4bd594de99b4aa8ec06290b0aa857e6b359fdc2b47a212418d70fb4072b4bab
e98d1974691c07006329aa5a3f39fe78ffafae80fd4e364c09bc85b42a43d5eb
ecda587e4172abad0c0325e5aae7b5959d1e1b01fab9278425415adeafb3372a
ed5014fe838baf69d45ecf4a0c69cba27cebb3302d27b352df29a05be3a9a650
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5cf395888d15d8ef490feed69ad59e30626e3598ea946f5f2deccc3905257c3
f5e7565bd65ff0c3ddf27671643876c70552ac2bf61553f6a8e9874c29eb2a37
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f888b7486eb50ffa7d2a63aece0ab443ca47e86ac37f5576985998750243de1e
fa0afe1a6ead5ceed27551b552622055c89ae430c86a1bdc30430fe891d50dcd
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

manilastandard.net Open in urlscan Pro 2606:4700:3035::6815:5efb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

269 Requests

83 %HTTPS

44 %IPv6

51 Domains

92 Subdomains

51 IPs

8 Countries

4960 kBTransfer

12740 kBSize

48 Cookies

14 Outgoing links

Page URL History

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

manilastandard.net Open in urlscan Pro
2606:4700:3035::6815:5efb Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

83 %
HTTPS

44 %
IPv6

51
Domains

92
Subdomains

51
IPs

8
Countries

4960 kB
Transfer

12740 kB
Size

48
Cookies

269 HTTP transactions
4 data transactions